def process(self): if "config" not in self.dbag.keys(): return if 'configuration' not in self.dbag['config'][0].keys(): return config = self.dbag['config'][0]['configuration'] file1 = CsFile(HAPROXY_CONF_T) file1.empty() for x in config: [file1.append(w, -1) for w in x.split('\n')] file1.commit() file2 = CsFile(HAPROXY_CONF_P) if not file2.compare(file1): CsHelper.copy(HAPROXY_CONF_T, HAPROXY_CONF_P) proc = CsProcess(['/var/run/haproxy.pid']) if not proc.find(): logging.debug("CsLoadBalancer:: will restart HAproxy!") CsHelper.service("haproxy", "restart") else: logging.debug("CsLoadBalancer:: will reload HAproxy!") CsHelper.service("haproxy", "reload") add_rules = self.dbag['config'][0]['add_rules'] remove_rules = self.dbag['config'][0]['remove_rules'] stat_rules = self.dbag['config'][0]['stat_rules'] self._configure_firewall(add_rules, remove_rules, stat_rules)
def __update(self, vm_ip, password): token = "" try: tokenFile = open(self.TOKEN_FILE) token = tokenFile.read() except IOError: logging.debug("File %s does not exist" % self.TOKEN_FILE) logging.debug("Got VM '%s' and password '%s'" % (vm_ip, password)) get_cidrs_cmd = "ip addr show | grep inet | grep -v secondary | awk '{print $2}'" cidrs = CsHelper.execute(get_cidrs_cmd) logging.debug("Found these CIDRs: %s" % cidrs) for cidr in cidrs: logging.debug("Processing CIDR '%s'" % cidr) if IPAddress(vm_ip) in IPNetwork(cidr): ip = cidr.split('/')[0] logging.debug( "Cidr %s matches vm ip address %s so adding passwd to passwd server at %s" % (cidr, vm_ip, ip)) proc = CsProcess(['/opt/cloud/bin/passwd_server_ip.py', ip]) if proc.find(): update_command = 'curl --header "DomU_Request: save_password" "http://{SERVER_IP}:8080/" -F "ip={VM_IP}" -F "password={PASSWORD}" ' \ '-F "token={TOKEN}" --interface 127.0.0.1 >/dev/null 2>/dev/null &'.format(SERVER_IP=ip, VM_IP=vm_ip, PASSWORD=password, TOKEN=token) result = CsHelper.execute(update_command) logging.debug("Update password server result ==> %s" % result) else: logging.debug( "Update password server skipped because we didn't find a passwd server process for %s (makes sense on backup routers)" % ip)
def __update(self, vm_ip, password): token = "" try: tokenFile = open(self.TOKEN_FILE) token = tokenFile.read() except IOError: logging.debug("File %s does not exist" % self.TOKEN_FILE) logging.debug("Got VM '%s' and password '%s'" % (vm_ip, password)) get_cidrs_cmd = "ip addr show | grep inet | grep -v secondary | awk '{print $2}'" cidrs = CsHelper.execute(get_cidrs_cmd) logging.debug("Found these CIDRs: %s" % cidrs) for cidr in cidrs: logging.debug("Processing CIDR '%s'" % cidr) if IPAddress(vm_ip) in IPNetwork(cidr): ip = cidr.split('/')[0] logging.debug("Cidr %s matches vm ip address %s so adding passwd to passwd server at %s" % (cidr, vm_ip, ip)) proc = CsProcess(['/opt/cloud/bin/passwd_server_ip.py', ip]) if proc.find(): update_command = 'curl --header "DomU_Request: save_password" "http://{SERVER_IP}:8080/" -F "ip={VM_IP}" -F "password={PASSWORD}" ' \ '-F "token={TOKEN}" --interface 127.0.0.1 >/dev/null 2>/dev/null &'.format(SERVER_IP=ip, VM_IP=vm_ip, PASSWORD=password, TOKEN=token) result = CsHelper.execute(update_command) logging.debug("Update password server result ==> %s" % result) else: logging.debug("Update password server skipped because we didn't find a passwd server process for %s (makes sense on backup routers)" % ip)
def stop(self): proc = CsProcess(["Password Service"]) pid = proc.grep("passwd_server_ip.py %s" % self.ip) proc.kill(pid) pid = proc.grep("passwd_server_ip %s" % self.ip) proc.kill(pid) pid = proc.grep("8080,reuseaddr,fork,crnl,bind=%s" % self.ip) proc.kill(pid)
def __update(self, vm_ip, password): token = "" try: token_file = open(self.TOKEN_FILE) token = token_file.read() except IOError: logging.debug("File %s does not exist" % self.TOKEN_FILE) logging.debug("Got VM '%s' and password '%s'" % (vm_ip, password)) get_cidrs_cmd = "ip addr show | grep inet | grep -v secondary | awk '{print $2}'" cidrs = CsHelper.execute(get_cidrs_cmd) logging.debug("Found these CIDRs: %s" % cidrs) for cidr in cidrs: logging.debug("Processing CIDR '%s'" % cidr) if CsHelper.IPAddress(vm_ip) in CsHelper.IPNetwork(cidr): ip = cidr.split('/')[0] logging.debug( "Cidr %s matches vm ip address %s so adding passwd to passwd server at %s" % (cidr, vm_ip, ip)) proc = CsProcess( ['/opt/cosmic/router/bin/passwd_server_ip.py', ip]) max_tries = 5 test_tries = 0 while test_tries < max_tries: logging.debug("Updating passwd server on %s" % ip) if proc.find(): url = "http://{SERVER_IP}:8080/".format(SERVER_IP=ip) headers = {'DomU_Request': 'save_password'} params = { 'ip': vm_ip, 'password': password, 'token': token } req = urllib2.Request(url, urllib.urlencode(params), headers=headers) try: res = urllib2.urlopen(req).read() if res.code == 200: logging.debug( "Update password server result ==> %s" % res) return res except Exception as e: logging.debug( "Error while querying password server ==> %s" % e.message) test_tries += 1 logging.debug( "Testing password server process round %s/%s" % (test_tries, max_tries)) time.sleep(2) logging.debug( "Update password server skipped because we didn't find a passwd server process for " "%s (makes sense on backup routers)" % ip)
def __update(self, vm_ip, password): token = "" try: token_file = open(self.TOKEN_FILE) token = token_file.read() except IOError: logging.debug("File %s does not exist" % self.TOKEN_FILE) logging.debug("Got VM '%s' and password '%s'" % (vm_ip, password)) get_cidrs_cmd = "ip addr show | grep inet | grep -v secondary | awk '{print $2}'" cidrs = CsHelper.execute(get_cidrs_cmd) logging.debug("Found these CIDRs: %s" % cidrs) for cidr in cidrs: logging.debug("Processing CIDR '%s'" % cidr) if CsHelper.IPAddress(vm_ip) in CsHelper.IPNetwork(cidr): ip = cidr.split('/')[0] logging.debug( "Cidr %s matches vm ip address %s so adding passwd to passwd server at %s" % (cidr, vm_ip, ip)) proc = CsProcess(['/opt/cosmic/router/bin/passwd_server_ip.py', ip]) max_tries = 5 test_tries = 0 while test_tries < max_tries: logging.debug("Updating passwd server on %s" % ip) if proc.find(): url = "http://{SERVER_IP}:8080/".format(SERVER_IP=ip) headers = {'DomU_Request': 'save_password'} params = {'ip': vm_ip, 'password': password, 'token': token} req = urllib2.Request(url, urllib.urlencode(params), headers=headers) try: res = urllib2.urlopen(req) if res.getcode() == 200: logging.debug("Update password server result ==> %s" % res.read()) return 0 except Exception as e: logging.debug("Error while querying password server ==> %s" % e.message) return 1 test_tries += 1 logging.debug("Testing password server process round %s/%s" % (test_tries, max_tries)) time.sleep(2) logging.debug("Update password server skipped because we didn't find a passwd server process for " "%s (makes sense on backup routers)" % ip) return 1 # on a non-master router no passwords to set, so we finish with success return 0
def _redundant_on(self): guest = self.address.get_guest_if() # No redundancy if there is no guest network if self.cl.is_master() or guest is None: for obj in [o for o in self.address.get_ips() if o.is_public()]: self.check_is_up(obj.get_device()) if guest is None: self._redundant_off() return CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False) CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR) CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False) for s in self.CS_TEMPLATES: d = s if s.endswith(".templ"): d = s.replace(".templ", "") CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d)) CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF) CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ"), self.CONNTRACKD_CONF) CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh") CsHelper.execute('sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived') # checkrouter.sh configuration file = CsFile("/opt/cloud/bin/checkrouter.sh") file.greplace("[RROUTER_LOG]", self.RROUTER_LOG) file.commit() # keepalived configuration file = CsFile(self.KEEPALIVED_CONF) ads = [o for o in self.address.get_ips() if o.is_public()] # Add a comment for each public IP. If any change this will cause keepalived to restart # As things stand keepalived will be configured before the IP is added or deleted i = 0 for o in ads: file.addeq("! %s=%s" % (i, o.get_cidr())) i = i + 1 file.search(" router_id ", " router_id %s" % self.cl.get_name()) file.search(" priority ", " priority %s" % self.cl.get_priority()) file.search(" interface ", " interface %s" % guest.get_device()) file.search(" state ", " state %s" % "EQUAL") file.search(" virtual_router_id ", " virtual_router_id %s" % self.cl.get_router_id()) file.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR) file.section("authentication {", "}", [" auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()]) file.section("virtual_ipaddress {", "}", self._collect_ips()) file.commit() # conntrackd configuration connt = CsFile(self.CONNTRACKD_CONF) if guest is not None: connt.section("Multicast {", "}", [ "IPv4_address 225.0.0.50\n", "Group 3780\n", "IPv4_interface %s\n" % guest.get_ip(), "Interface %s\n" % guest.get_device(), "SndSocketBuffer 1249280\n", "RcvSocketBuffer 1249280\n", "Checksum on\n"]) connt.section("Address Ignore {", "}", self._collect_ignore_ips()) connt.commit() if connt.is_changed(): CsHelper.service("conntrackd", "restart") if file.is_changed(): CsHelper.service("keepalived", "reload") # Configure heartbeat cron job cron = CsFile("/etc/cron.d/heartbeat") cron.add("SHELL=/bin/bash", 0) cron.add("PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) cron.add("*/1 * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) cron.commit() proc = CsProcess(['/usr/sbin/keepalived', '--vrrp']) if not proc.find(): CsHelper.service("keepalived", "restart")
def start(self): proc = CsProcess(["dummy"]) if proc.grep("passwd_server_ip %s" % self.ip) == -1: proc.start("/opt/cloud/bin/passwd_server_ip %s >> /var/log/cloud.log 2>&1" % self.ip, "&")
def _redundant_on(self): guest = self.address.get_guest_if() # No redundancy if there is no guest network if guest is None: self.set_backup() self._redundant_off() return interfaces = [ interface for interface in self.address.get_interfaces() if interface.is_guest() ] isDeviceReady = False dev = '' for interface in interfaces: if dev == interface.get_device(): continue dev = interface.get_device() logging.info( "Wait for devices to be configured so we can start keepalived") devConfigured = CsDevice(dev, self.config).waitfordevice() if devConfigured: command = "ip link show %s | grep 'state UP'" % dev devUp = CsHelper.execute(command) if devUp: logging.info( "Device %s is present, let's start keepalived now." % dev) isDeviceReady = True if not isDeviceReady: logging.info( "Guest network not configured yet, let's stop router redundancy for now." ) CsHelper.service("conntrackd", "stop") CsHelper.service("keepalived", "stop") return CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False) CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR) CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False) for s in self.CS_TEMPLATES: d = s if s.endswith(".templ"): d = s.replace(".templ", "") CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d)) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh") CsHelper.execute( 'sed -i "s/--exec $DAEMON;/--exec $DAEMON -- --vrrp;/g" /etc/init.d/keepalived' ) # checkrouter.sh configuration check_router = CsFile("/opt/cloud/bin/checkrouter.sh") check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG) check_router.commit() # keepalived configuration keepalived_conf = CsFile(self.KEEPALIVED_CONF) keepalived_conf.search(" router_id ", " router_id %s" % self.cl.get_name()) keepalived_conf.search(" interface ", " interface %s" % guest.get_device()) keepalived_conf.search(" advert_int ", " advert_int %s" % self.cl.get_advert_int()) keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR) keepalived_conf.section("authentication {", "}", [ " auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()[:8] ]) keepalived_conf.section("virtual_ipaddress {", "}", self._collect_ips()) # conntrackd configuration conntrackd_template_conf = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ") conntrackd_temp_bkp = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ.bkp") CsHelper.copy(conntrackd_template_conf, conntrackd_temp_bkp) conntrackd_tmpl = CsFile(conntrackd_template_conf) conntrackd_tmpl.section("Multicast {", "}", [ "IPv4_address 225.0.0.50\n", "Group 3780\n", "IPv4_interface %s\n" % guest.get_ip(), "Interface %s\n" % guest.get_device(), "SndSocketBuffer 1249280\n", "RcvSocketBuffer 1249280\n", "Checksum on\n" ]) conntrackd_tmpl.section("Address Ignore {", "}", self._collect_ignore_ips()) conntrackd_tmpl.commit() conntrackd_conf = CsFile(self.CONNTRACKD_CONF) is_equals = conntrackd_tmpl.compare(conntrackd_conf) force_keepalived_restart = False proc = CsProcess(['/etc/conntrackd/conntrackd.conf']) if not proc.find() or not is_equals: CsHelper.copy(conntrackd_template_conf, self.CONNTRACKD_CONF) CsHelper.service("conntrackd", "restart") force_keepalived_restart = True # Restore the template file and remove the backup. CsHelper.copy(conntrackd_temp_bkp, conntrackd_template_conf) CsHelper.execute("rm -rf %s" % conntrackd_temp_bkp) # Configure heartbeat cron job - runs every 30 seconds heartbeat_cron = CsFile("/etc/cron.d/heartbeat") heartbeat_cron.add("SHELL=/bin/bash", 0) heartbeat_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) heartbeat_cron.add( "* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.add( "* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.commit() proc = CsProcess(['/usr/sbin/keepalived']) if not proc.find(): force_keepalived_restart = True if keepalived_conf.is_changed() or force_keepalived_restart: keepalived_conf.commit() os.chmod(self.KEEPALIVED_CONF, 0o644) if force_keepalived_restart or not self.cl.is_primary(): CsHelper.service("keepalived", "restart") else: CsHelper.service("keepalived", "reload")
def _redundant_on(self): guest = self.address.get_guest_if() # No redundancy if there is no guest network if guest is None: self._redundant_off() return interfaces = [interface for interface in self.address.get_ips() if interface.is_guest()] isDeviceReady = False dev = '' for interface in interfaces: if dev == interface.get_device(): continue dev = interface.get_device() logging.info("Wait for devices to be configured so we can start keepalived") devConfigured = CsDevice(dev, self.config).waitfordevice() if devConfigured: command = "ip link show %s | grep 'state UP'" % dev devUp = CsHelper.execute(command) if devUp: logging.info("Device %s is present, let's start keepalive now." % dev) isDeviceReady = True if not isDeviceReady: logging.info("Guest network not configured yet, let's stop router redundancy for now.") CsHelper.service("conntrackd", "stop") CsHelper.service("keepalived", "stop") return CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False) CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR) CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False) for s in self.CS_TEMPLATES: d = s if s.endswith(".templ"): d = s.replace(".templ", "") CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d)) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh") CsHelper.execute( 'sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived') # checkrouter.sh configuration check_router = CsFile("/opt/cloud/bin/checkrouter.sh") check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG) check_router.commit() # keepalived configuration keepalived_conf = CsFile(self.KEEPALIVED_CONF) keepalived_conf.search( " router_id ", " router_id %s" % self.cl.get_name()) keepalived_conf.search( " interface ", " interface %s" % guest.get_device()) keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR) keepalived_conf.section("authentication {", "}", [ " auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()]) keepalived_conf.section( "virtual_ipaddress {", "}", self._collect_ips()) # conntrackd configuration conntrackd_template_conf = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ") conntrackd_temp_bkp = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ.bkp") CsHelper.copy(conntrackd_template_conf, conntrackd_temp_bkp) conntrackd_tmpl = CsFile(conntrackd_template_conf) conntrackd_tmpl.section("Multicast {", "}", [ "IPv4_address 225.0.0.50\n", "Group 3780\n", "IPv4_interface %s\n" % guest.get_ip(), "Interface %s\n" % guest.get_device(), "SndSocketBuffer 1249280\n", "RcvSocketBuffer 1249280\n", "Checksum on\n"]) conntrackd_tmpl.section("Address Ignore {", "}", self._collect_ignore_ips()) conntrackd_tmpl.commit() conntrackd_conf = CsFile(self.CONNTRACKD_CONF) is_equals = conntrackd_tmpl.compare(conntrackd_conf) proc = CsProcess(['/etc/conntrackd/conntrackd.conf']) if not proc.find() or not is_equals: CsHelper.copy(conntrackd_template_conf, self.CONNTRACKD_CONF) CsHelper.service("conntrackd", "restart") # Restore the template file and remove the backup. CsHelper.copy(conntrackd_temp_bkp, conntrackd_template_conf) CsHelper.execute("rm -rf %s" % conntrackd_temp_bkp) # Configure heartbeat cron job - runs every 30 seconds heartbeat_cron = CsFile("/etc/cron.d/heartbeat") heartbeat_cron.add("SHELL=/bin/bash", 0) heartbeat_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) heartbeat_cron.add( "* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.add( "* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.commit() proc = CsProcess(['/usr/sbin/keepalived']) if not proc.find() or keepalived_conf.is_changed(): keepalived_conf.commit() CsHelper.service("keepalived", "restart")
def start(self): proc = CsProcess(["dummy"]) if proc.grep("passwd_server_ip %s" % self.ip) == -1: proc.start( "/opt/cloud/bin/passwd_server_ip %s >> /var/log/cloud.log 2>&1" % self.ip, "&")
def _redundant_on(self): guest = self.address.get_guest_if() # No redundancy if there is no guest network if guest is None: self._redundant_off() return CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False) CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR) CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False) for s in self.CS_TEMPLATES: d = s if s.endswith(".templ"): d = s.replace(".templ", "") CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d)) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh") CsHelper.execute( 'sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived') # checkrouter.sh configuration check_router = CsFile("/opt/cloud/bin/checkrouter.sh") check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG) check_router.commit() # keepalived configuration keepalived_conf = CsFile(self.KEEPALIVED_CONF) keepalived_conf.search( " router_id ", " router_id %s" % self.cl.get_name()) keepalived_conf.search( " interface ", " interface %s" % guest.get_device()) keepalived_conf.search( " virtual_router_id ", " virtual_router_id %s" % self.cl.get_router_id()) keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR) keepalived_conf.section("authentication {", "}", [ " auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()]) keepalived_conf.section( "virtual_ipaddress {", "}", self._collect_ips()) # conntrackd configuration conntrackd_template_conf = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ") conntrackd_temp_bkp = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ.bkp") CsHelper.copy(conntrackd_template_conf, conntrackd_temp_bkp) conntrackd_tmpl = CsFile(conntrackd_template_conf) if guest is not None: conntrackd_tmpl.section("Multicast {", "}", [ "IPv4_address 225.0.0.50\n", "Group 3780\n", "IPv4_interface %s\n" % guest.get_ip(), "Interface %s\n" % guest.get_device(), "SndSocketBuffer 1249280\n", "RcvSocketBuffer 1249280\n", "Checksum on\n"]) conntrackd_tmpl.section("Address Ignore {", "}", self._collect_ignore_ips()) conntrackd_tmpl.commit() conntrackd_conf = CsFile(self.CONNTRACKD_CONF) is_equals = conntrackd_tmpl.compare(conntrackd_conf) proc = CsProcess(['/etc/conntrackd/conntrackd.conf']) if not proc.find() or not is_equals: CsHelper.copy(conntrackd_template_conf, self.CONNTRACKD_CONF) CsHelper.service("conntrackd", "restart") # Restore the template file and remove the backup. CsHelper.copy(conntrackd_temp_bkp, conntrackd_template_conf) CsHelper.execute("rm -rf %s" % conntrackd_temp_bkp) # Configure heartbeat cron job - runs every 30 seconds heartbeat_cron = CsFile("/etc/cron.d/heartbeat") heartbeat_cron.add("SHELL=/bin/bash", 0) heartbeat_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) heartbeat_cron.add( "* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.add( "* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.commit() # Configure KeepaliveD cron job - runs at every reboot keepalived_cron = CsFile("/etc/cron.d/keepalived") keepalived_cron.add("SHELL=/bin/bash", 0) keepalived_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) keepalived_cron.add("@reboot root service keepalived start", -1) keepalived_cron.commit() # Configure ConntrackD cron job - runs at every reboot conntrackd_cron = CsFile("/etc/cron.d/conntrackd") conntrackd_cron.add("SHELL=/bin/bash", 0) conntrackd_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) conntrackd_cron.add("@reboot root service conntrackd start", -1) conntrackd_cron.commit() proc = CsProcess(['/usr/sbin/keepalived']) if not proc.find() or keepalived_conf.is_changed(): keepalived_conf.commit() CsHelper.service("keepalived", "restart")
def _redundant_on(self): guest = self.address.get_guest_if() # No redundancy if there is no guest network if self.cl.is_master() or guest is None: for obj in [o for o in self.address.get_ips() if o.is_public()]: self.check_is_up(obj.get_device()) if guest is None: self._redundant_off() return CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False) CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR) CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False) for s in self.CS_TEMPLATES: d = s if s.endswith(".templ"): d = s.replace(".templ", "") CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d)) CsHelper.copy( "%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ"), self.CONNTRACKD_CONF) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh") CsHelper.execute( 'sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived') # checkrouter.sh configuration check_router = CsFile("/opt/cloud/bin/checkrouter.sh") check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG) check_router.commit() # keepalived configuration keepalived_conf = CsFile(self.KEEPALIVED_CONF) keepalived_conf.search( " router_id ", " router_id %s" % self.cl.get_name()) keepalived_conf.search( " interface ", " interface %s" % guest.get_device()) keepalived_conf.search( " virtual_router_id ", " virtual_router_id %s" % self.cl.get_router_id()) keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR) keepalived_conf.section("authentication {", "}", [ " auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()]) keepalived_conf.section( "virtual_ipaddress {", "}", self._collect_ips()) keepalived_conf.commit() # conntrackd configuration connt = CsFile(self.CONNTRACKD_CONF) if guest is not None: connt.section("Multicast {", "}", [ "IPv4_address 225.0.0.50\n", "Group 3780\n", "IPv4_interface %s\n" % guest.get_ip(), "Interface %s\n" % guest.get_device(), "SndSocketBuffer 1249280\n", "RcvSocketBuffer 1249280\n", "Checksum on\n"]) connt.section("Address Ignore {", "}", self._collect_ignore_ips()) connt.commit() if connt.is_changed(): CsHelper.service("conntrackd", "restart") # Configure heartbeat cron job - runs every 30 seconds heartbeat_cron = CsFile("/etc/cron.d/heartbeat") heartbeat_cron.add("SHELL=/bin/bash", 0) heartbeat_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) heartbeat_cron.add( "* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.add( "* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.commit() # Configure KeepaliveD cron job - runs at every reboot keepalived_cron = CsFile("/etc/cron.d/keepalived") keepalived_cron.add("SHELL=/bin/bash", 0) keepalived_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) keepalived_cron.add("@reboot root service keepalived start", -1) keepalived_cron.commit() # Configure ConntrackD cron job - runs at every reboot conntrackd_cron = CsFile("/etc/cron.d/conntrackd") conntrackd_cron.add("SHELL=/bin/bash", 0) conntrackd_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) conntrackd_cron.add("@reboot root service conntrackd start", -1) conntrackd_cron.commit() proc = CsProcess(['/usr/sbin/keepalived', '--vrrp']) if not proc.find() or keepalived_conf.is_changed(): CsHelper.service("keepalived", "restart")