def process(self):
if "config" not in self.dbag.keys():
return
if 'configuration' not in self.dbag['config'][0].keys():
return
config = self.dbag['config'][0]['configuration']
file1 = CsFile(HAPROXY_CONF_T)
file1.empty()
for x in config:
[file1.append(w, -1) for w in x.split('\n')]
file1.commit()
file2 = CsFile(HAPROXY_CONF_P)
if not file2.compare(file1):
CsHelper.copy(HAPROXY_CONF_T, HAPROXY_CONF_P)
proc = CsProcess(['/var/run/haproxy.pid'])
if not proc.find():
logging.debug("CsLoadBalancer:: will restart HAproxy!")
CsHelper.service("haproxy", "restart")
else:
logging.debug("CsLoadBalancer:: will reload HAproxy!")
CsHelper.service("haproxy", "reload")
add_rules = self.dbag['config'][0]['add_rules']
remove_rules = self.dbag['config'][0]['remove_rules']
stat_rules = self.dbag['config'][0]['stat_rules']
self._configure_firewall(add_rules, remove_rules, stat_rules)
def __update(self, vm_ip, password):
token = ""
try:
tokenFile = open(self.TOKEN_FILE)
token = tokenFile.read()
except IOError:
logging.debug("File %s does not exist" % self.TOKEN_FILE)
logging.debug("Got VM '%s' and password '%s'" % (vm_ip, password))
get_cidrs_cmd = "ip addr show | grep inet | grep -v secondary | awk '{print $2}'"
cidrs = CsHelper.execute(get_cidrs_cmd)
logging.debug("Found these CIDRs: %s" % cidrs)
for cidr in cidrs:
logging.debug("Processing CIDR '%s'" % cidr)
if IPAddress(vm_ip) in IPNetwork(cidr):
ip = cidr.split('/')[0]
logging.debug(
"Cidr %s matches vm ip address %s so adding passwd to passwd server at %s"
% (cidr, vm_ip, ip))
proc = CsProcess(['/opt/cloud/bin/passwd_server_ip.py', ip])
if proc.find():
update_command = 'curl --header "DomU_Request: save_password" "http://{SERVER_IP}:8080/" -F "ip={VM_IP}" -F "password={PASSWORD}" ' \
'-F "token={TOKEN}" --interface 127.0.0.1 >/dev/null 2>/dev/null &'.format(SERVER_IP=ip, VM_IP=vm_ip, PASSWORD=password, TOKEN=token)
result = CsHelper.execute(update_command)
logging.debug("Update password server result ==> %s" %
result)
else:
logging.debug(
"Update password server skipped because we didn't find a passwd server process for %s (makes sense on backup routers)"
% ip)
def process(self):
if "config" not in self.dbag.keys():
return
if 'configuration' not in self.dbag['config'][0].keys():
return
config = self.dbag['config'][0]['configuration']
file1 = CsFile(HAPROXY_CONF_T)
file1.empty()
for x in config:
[file1.append(w, -1) for w in x.split('\n')]
file1.commit()
file2 = CsFile(HAPROXY_CONF_P)
if not file2.compare(file1):
CsHelper.copy(HAPROXY_CONF_T, HAPROXY_CONF_P)
proc = CsProcess(['/var/run/haproxy.pid'])
if not proc.find():
logging.debug("CsLoadBalancer:: will restart HAproxy!")
CsHelper.service("haproxy", "restart")
else:
logging.debug("CsLoadBalancer:: will reload HAproxy!")
CsHelper.service("haproxy", "reload")
add_rules = self.dbag['config'][0]['add_rules']
remove_rules = self.dbag['config'][0]['remove_rules']
stat_rules = self.dbag['config'][0]['stat_rules']
self._configure_firewall(add_rules, remove_rules, stat_rules)
def __update(self, vm_ip, password):
token = ""
try:
tokenFile = open(self.TOKEN_FILE)
token = tokenFile.read()
except IOError:
logging.debug("File %s does not exist" % self.TOKEN_FILE)
logging.debug("Got VM '%s' and password '%s'" % (vm_ip, password))
get_cidrs_cmd = "ip addr show | grep inet | grep -v secondary | awk '{print $2}'"
cidrs = CsHelper.execute(get_cidrs_cmd)
logging.debug("Found these CIDRs: %s" % cidrs)
for cidr in cidrs:
logging.debug("Processing CIDR '%s'" % cidr)
if IPAddress(vm_ip) in IPNetwork(cidr):
ip = cidr.split('/')[0]
logging.debug("Cidr %s matches vm ip address %s so adding passwd to passwd server at %s" % (cidr, vm_ip, ip))
proc = CsProcess(['/opt/cloud/bin/passwd_server_ip.py', ip])
if proc.find():
update_command = 'curl --header "DomU_Request: save_password" "http://{SERVER_IP}:8080/" -F "ip={VM_IP}" -F "password={PASSWORD}" ' \
'-F "token={TOKEN}" --interface 127.0.0.1 >/dev/null 2>/dev/null &'.format(SERVER_IP=ip, VM_IP=vm_ip, PASSWORD=password, TOKEN=token)
result = CsHelper.execute(update_command)
logging.debug("Update password server result ==> %s" % result)
else:
logging.debug("Update password server skipped because we didn't find a passwd server process for %s (makes sense on backup routers)" % ip)
def stop(self):
proc = CsProcess(["Password Service"])
pid = proc.grep("passwd_server_ip.py %s" % self.ip)
proc.kill(pid)
pid = proc.grep("passwd_server_ip %s" % self.ip)
proc.kill(pid)
pid = proc.grep("8080,reuseaddr,fork,crnl,bind=%s" % self.ip)
proc.kill(pid)
def __update(self, vm_ip, password):
token = ""
try:
token_file = open(self.TOKEN_FILE)
token = token_file.read()
except IOError:
logging.debug("File %s does not exist" % self.TOKEN_FILE)
logging.debug("Got VM '%s' and password '%s'" % (vm_ip, password))
get_cidrs_cmd = "ip addr show | grep inet | grep -v secondary | awk '{print $2}'"
cidrs = CsHelper.execute(get_cidrs_cmd)
logging.debug("Found these CIDRs: %s" % cidrs)
for cidr in cidrs:
logging.debug("Processing CIDR '%s'" % cidr)
if CsHelper.IPAddress(vm_ip) in CsHelper.IPNetwork(cidr):
ip = cidr.split('/')[0]
logging.debug(
"Cidr %s matches vm ip address %s so adding passwd to passwd server at %s"
% (cidr, vm_ip, ip))
proc = CsProcess(
['/opt/cosmic/router/bin/passwd_server_ip.py', ip])
max_tries = 5
test_tries = 0
while test_tries < max_tries:
logging.debug("Updating passwd server on %s" % ip)
if proc.find():
url = "http://{SERVER_IP}:8080/".format(SERVER_IP=ip)
headers = {'DomU_Request': 'save_password'}
params = {
'ip': vm_ip,
'password': password,
'token': token
}
req = urllib2.Request(url,
urllib.urlencode(params),
headers=headers)
try:
res = urllib2.urlopen(req).read()
if res.code == 200:
logging.debug(
"Update password server result ==> %s" %
res)
return res
except Exception as e:
logging.debug(
"Error while querying password server ==> %s" %
e.message)
test_tries += 1
logging.debug(
"Testing password server process round %s/%s" %
(test_tries, max_tries))
time.sleep(2)
logging.debug(
"Update password server skipped because we didn't find a passwd server process for "
"%s (makes sense on backup routers)" % ip)
def __update(self, vm_ip, password):
token = ""
try:
token_file = open(self.TOKEN_FILE)
token = token_file.read()
except IOError:
logging.debug("File %s does not exist" % self.TOKEN_FILE)
logging.debug("Got VM '%s' and password '%s'" % (vm_ip, password))
get_cidrs_cmd = "ip addr show | grep inet | grep -v secondary | awk '{print $2}'"
cidrs = CsHelper.execute(get_cidrs_cmd)
logging.debug("Found these CIDRs: %s" % cidrs)
for cidr in cidrs:
logging.debug("Processing CIDR '%s'" % cidr)
if CsHelper.IPAddress(vm_ip) in CsHelper.IPNetwork(cidr):
ip = cidr.split('/')[0]
logging.debug(
"Cidr %s matches vm ip address %s so adding passwd to passwd server at %s" % (cidr, vm_ip, ip))
proc = CsProcess(['/opt/cosmic/router/bin/passwd_server_ip.py', ip])
max_tries = 5
test_tries = 0
while test_tries < max_tries:
logging.debug("Updating passwd server on %s" % ip)
if proc.find():
url = "http://{SERVER_IP}:8080/".format(SERVER_IP=ip)
headers = {'DomU_Request': 'save_password'}
params = {'ip': vm_ip, 'password': password, 'token': token}
req = urllib2.Request(url, urllib.urlencode(params), headers=headers)
try:
res = urllib2.urlopen(req)
if res.getcode() == 200:
logging.debug("Update password server result ==> %s" % res.read())
return 0
except Exception as e:
logging.debug("Error while querying password server ==> %s" % e.message)
return 1
test_tries += 1
logging.debug("Testing password server process round %s/%s" % (test_tries, max_tries))
time.sleep(2)
logging.debug("Update password server skipped because we didn't find a passwd server process for "
"%s (makes sense on backup routers)" % ip)
return 1
# on a non-master router no passwords to set, so we finish with success
return 0
def _redundant_on(self):
guest = self.address.get_guest_if()
# No redundancy if there is no guest network
if self.cl.is_master() or guest is None:
for obj in [o for o in self.address.get_ips() if o.is_public()]:
self.check_is_up(obj.get_device())
if guest is None:
self._redundant_off()
return
CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False)
CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR)
CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False)
for s in self.CS_TEMPLATES:
d = s
if s.endswith(".templ"):
d = s.replace(".templ", "")
CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d))
CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF)
CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ"), self.CONNTRACKD_CONF)
CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh")
CsHelper.execute('sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived')
# checkrouter.sh configuration
file = CsFile("/opt/cloud/bin/checkrouter.sh")
file.greplace("[RROUTER_LOG]", self.RROUTER_LOG)
file.commit()
# keepalived configuration
file = CsFile(self.KEEPALIVED_CONF)
ads = [o for o in self.address.get_ips() if o.is_public()]
# Add a comment for each public IP. If any change this will cause keepalived to restart
# As things stand keepalived will be configured before the IP is added or deleted
i = 0
for o in ads:
file.addeq("! %s=%s" % (i, o.get_cidr()))
i = i + 1
file.search(" router_id ", " router_id %s" % self.cl.get_name())
file.search(" priority ", " priority %s" % self.cl.get_priority())
file.search(" interface ", " interface %s" % guest.get_device())
file.search(" state ", " state %s" % "EQUAL")
file.search(" virtual_router_id ", " virtual_router_id %s" % self.cl.get_router_id())
file.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR)
file.section("authentication {", "}", [" auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()])
file.section("virtual_ipaddress {", "}", self._collect_ips())
file.commit()
# conntrackd configuration
connt = CsFile(self.CONNTRACKD_CONF)
if guest is not None:
connt.section("Multicast {", "}", [
"IPv4_address 225.0.0.50\n",
"Group 3780\n",
"IPv4_interface %s\n" % guest.get_ip(),
"Interface %s\n" % guest.get_device(),
"SndSocketBuffer 1249280\n",
"RcvSocketBuffer 1249280\n",
"Checksum on\n"])
connt.section("Address Ignore {", "}", self._collect_ignore_ips())
connt.commit()
if connt.is_changed():
CsHelper.service("conntrackd", "restart")
if file.is_changed():
CsHelper.service("keepalived", "reload")
# Configure heartbeat cron job
cron = CsFile("/etc/cron.d/heartbeat")
cron.add("SHELL=/bin/bash", 0)
cron.add("PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
cron.add("*/1 * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1)
cron.commit()
proc = CsProcess(['/usr/sbin/keepalived', '--vrrp'])
if not proc.find():
CsHelper.service("keepalived", "restart")
def start(self):
proc = CsProcess(["dummy"])
if proc.grep("passwd_server_ip %s" % self.ip) == -1:
proc.start("/opt/cloud/bin/passwd_server_ip %s >> /var/log/cloud.log 2>&1" % self.ip, "&")
def _redundant_on(self):
guest = self.address.get_guest_if()
# No redundancy if there is no guest network
if guest is None:
self.set_backup()
self._redundant_off()
return
interfaces = [
interface for interface in self.address.get_interfaces()
if interface.is_guest()
]
isDeviceReady = False
dev = ''
for interface in interfaces:
if dev == interface.get_device():
continue
dev = interface.get_device()
logging.info(
"Wait for devices to be configured so we can start keepalived")
devConfigured = CsDevice(dev, self.config).waitfordevice()
if devConfigured:
command = "ip link show %s | grep 'state UP'" % dev
devUp = CsHelper.execute(command)
if devUp:
logging.info(
"Device %s is present, let's start keepalived now." %
dev)
isDeviceReady = True
if not isDeviceReady:
logging.info(
"Guest network not configured yet, let's stop router redundancy for now."
)
CsHelper.service("conntrackd", "stop")
CsHelper.service("keepalived", "stop")
return
CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False)
CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR)
CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False)
for s in self.CS_TEMPLATES:
d = s
if s.endswith(".templ"):
d = s.replace(".templ", "")
CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, s),
"%s/%s" % (self.CS_ROUTER_DIR, d))
CsHelper.copy_if_needed(
"%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"),
self.KEEPALIVED_CONF)
CsHelper.copy_if_needed(
"%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"),
"/opt/cloud/bin/checkrouter.sh")
CsHelper.execute(
'sed -i "s/--exec $DAEMON;/--exec $DAEMON -- --vrrp;/g" /etc/init.d/keepalived'
)
# checkrouter.sh configuration
check_router = CsFile("/opt/cloud/bin/checkrouter.sh")
check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG)
check_router.commit()
# keepalived configuration
keepalived_conf = CsFile(self.KEEPALIVED_CONF)
keepalived_conf.search(" router_id ",
" router_id %s" % self.cl.get_name())
keepalived_conf.search(" interface ",
" interface %s" % guest.get_device())
keepalived_conf.search(" advert_int ",
" advert_int %s" % self.cl.get_advert_int())
keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR)
keepalived_conf.section("authentication {", "}", [
" auth_type AH \n",
" auth_pass %s\n" % self.cl.get_router_password()[:8]
])
keepalived_conf.section("virtual_ipaddress {", "}",
self._collect_ips())
# conntrackd configuration
conntrackd_template_conf = "%s/%s" % (self.CS_TEMPLATES_DIR,
"conntrackd.conf.templ")
conntrackd_temp_bkp = "%s/%s" % (self.CS_TEMPLATES_DIR,
"conntrackd.conf.templ.bkp")
CsHelper.copy(conntrackd_template_conf, conntrackd_temp_bkp)
conntrackd_tmpl = CsFile(conntrackd_template_conf)
conntrackd_tmpl.section("Multicast {", "}", [
"IPv4_address 225.0.0.50\n", "Group 3780\n",
"IPv4_interface %s\n" % guest.get_ip(),
"Interface %s\n" % guest.get_device(), "SndSocketBuffer 1249280\n",
"RcvSocketBuffer 1249280\n", "Checksum on\n"
])
conntrackd_tmpl.section("Address Ignore {", "}",
self._collect_ignore_ips())
conntrackd_tmpl.commit()
conntrackd_conf = CsFile(self.CONNTRACKD_CONF)
is_equals = conntrackd_tmpl.compare(conntrackd_conf)
force_keepalived_restart = False
proc = CsProcess(['/etc/conntrackd/conntrackd.conf'])
if not proc.find() or not is_equals:
CsHelper.copy(conntrackd_template_conf, self.CONNTRACKD_CONF)
CsHelper.service("conntrackd", "restart")
force_keepalived_restart = True
# Restore the template file and remove the backup.
CsHelper.copy(conntrackd_temp_bkp, conntrackd_template_conf)
CsHelper.execute("rm -rf %s" % conntrackd_temp_bkp)
# Configure heartbeat cron job - runs every 30 seconds
heartbeat_cron = CsFile("/etc/cron.d/heartbeat")
heartbeat_cron.add("SHELL=/bin/bash", 0)
heartbeat_cron.add(
"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin",
1)
heartbeat_cron.add(
"* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" %
self.CS_ROUTER_DIR, -1)
heartbeat_cron.add(
"* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null"
% self.CS_ROUTER_DIR, -1)
heartbeat_cron.commit()
proc = CsProcess(['/usr/sbin/keepalived'])
if not proc.find():
force_keepalived_restart = True
if keepalived_conf.is_changed() or force_keepalived_restart:
keepalived_conf.commit()
os.chmod(self.KEEPALIVED_CONF, 0o644)
if force_keepalived_restart or not self.cl.is_primary():
CsHelper.service("keepalived", "restart")
else:
CsHelper.service("keepalived", "reload")
def _redundant_on(self):
guest = self.address.get_guest_if()
# No redundancy if there is no guest network
if guest is None:
self._redundant_off()
return
interfaces = [interface for interface in self.address.get_ips() if interface.is_guest()]
isDeviceReady = False
dev = ''
for interface in interfaces:
if dev == interface.get_device():
continue
dev = interface.get_device()
logging.info("Wait for devices to be configured so we can start keepalived")
devConfigured = CsDevice(dev, self.config).waitfordevice()
if devConfigured:
command = "ip link show %s | grep 'state UP'" % dev
devUp = CsHelper.execute(command)
if devUp:
logging.info("Device %s is present, let's start keepalive now." % dev)
isDeviceReady = True
if not isDeviceReady:
logging.info("Guest network not configured yet, let's stop router redundancy for now.")
CsHelper.service("conntrackd", "stop")
CsHelper.service("keepalived", "stop")
return
CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False)
CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR)
CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False)
for s in self.CS_TEMPLATES:
d = s
if s.endswith(".templ"):
d = s.replace(".templ", "")
CsHelper.copy_if_needed(
"%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d))
CsHelper.copy_if_needed(
"%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF)
CsHelper.copy_if_needed(
"%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh")
CsHelper.execute(
'sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived')
# checkrouter.sh configuration
check_router = CsFile("/opt/cloud/bin/checkrouter.sh")
check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG)
check_router.commit()
# keepalived configuration
keepalived_conf = CsFile(self.KEEPALIVED_CONF)
keepalived_conf.search(
" router_id ", " router_id %s" % self.cl.get_name())
keepalived_conf.search(
" interface ", " interface %s" % guest.get_device())
keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR)
keepalived_conf.section("authentication {", "}", [
" auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()])
keepalived_conf.section(
"virtual_ipaddress {", "}", self._collect_ips())
# conntrackd configuration
conntrackd_template_conf = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ")
conntrackd_temp_bkp = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ.bkp")
CsHelper.copy(conntrackd_template_conf, conntrackd_temp_bkp)
conntrackd_tmpl = CsFile(conntrackd_template_conf)
conntrackd_tmpl.section("Multicast {", "}", [
"IPv4_address 225.0.0.50\n",
"Group 3780\n",
"IPv4_interface %s\n" % guest.get_ip(),
"Interface %s\n" % guest.get_device(),
"SndSocketBuffer 1249280\n",
"RcvSocketBuffer 1249280\n",
"Checksum on\n"])
conntrackd_tmpl.section("Address Ignore {", "}", self._collect_ignore_ips())
conntrackd_tmpl.commit()
conntrackd_conf = CsFile(self.CONNTRACKD_CONF)
is_equals = conntrackd_tmpl.compare(conntrackd_conf)
proc = CsProcess(['/etc/conntrackd/conntrackd.conf'])
if not proc.find() or not is_equals:
CsHelper.copy(conntrackd_template_conf, self.CONNTRACKD_CONF)
CsHelper.service("conntrackd", "restart")
# Restore the template file and remove the backup.
CsHelper.copy(conntrackd_temp_bkp, conntrackd_template_conf)
CsHelper.execute("rm -rf %s" % conntrackd_temp_bkp)
# Configure heartbeat cron job - runs every 30 seconds
heartbeat_cron = CsFile("/etc/cron.d/heartbeat")
heartbeat_cron.add("SHELL=/bin/bash", 0)
heartbeat_cron.add(
"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
heartbeat_cron.add(
"* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1)
heartbeat_cron.add(
"* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1)
heartbeat_cron.commit()
proc = CsProcess(['/usr/sbin/keepalived'])
if not proc.find() or keepalived_conf.is_changed():
keepalived_conf.commit()
CsHelper.service("keepalived", "restart")
def stop(self):
proc = CsProcess(["Password Service"])
pid = proc.grep("passwd_server_ip.py %s" % self.ip)
proc.kill(pid)
pid = proc.grep("passwd_server_ip %s" % self.ip)
proc.kill(pid)
pid = proc.grep("8080,reuseaddr,fork,crnl,bind=%s" % self.ip)
proc.kill(pid)
def start(self):
proc = CsProcess(["dummy"])
if proc.grep("passwd_server_ip %s" % self.ip) == -1:
proc.start(
"/opt/cloud/bin/passwd_server_ip %s >> /var/log/cloud.log 2>&1"
% self.ip, "&")
def _redundant_on(self):
guest = self.address.get_guest_if()
# No redundancy if there is no guest network
if guest is None:
self._redundant_off()
return
CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False)
CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR)
CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False)
for s in self.CS_TEMPLATES:
d = s
if s.endswith(".templ"):
d = s.replace(".templ", "")
CsHelper.copy_if_needed(
"%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d))
CsHelper.copy_if_needed(
"%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF)
CsHelper.copy_if_needed(
"%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh")
CsHelper.execute(
'sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived')
# checkrouter.sh configuration
check_router = CsFile("/opt/cloud/bin/checkrouter.sh")
check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG)
check_router.commit()
# keepalived configuration
keepalived_conf = CsFile(self.KEEPALIVED_CONF)
keepalived_conf.search(
" router_id ", " router_id %s" % self.cl.get_name())
keepalived_conf.search(
" interface ", " interface %s" % guest.get_device())
keepalived_conf.search(
" virtual_router_id ", " virtual_router_id %s" % self.cl.get_router_id())
keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR)
keepalived_conf.section("authentication {", "}", [
" auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()])
keepalived_conf.section(
"virtual_ipaddress {", "}", self._collect_ips())
# conntrackd configuration
conntrackd_template_conf = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ")
conntrackd_temp_bkp = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ.bkp")
CsHelper.copy(conntrackd_template_conf, conntrackd_temp_bkp)
conntrackd_tmpl = CsFile(conntrackd_template_conf)
if guest is not None:
conntrackd_tmpl.section("Multicast {", "}", [
"IPv4_address 225.0.0.50\n",
"Group 3780\n",
"IPv4_interface %s\n" % guest.get_ip(),
"Interface %s\n" % guest.get_device(),
"SndSocketBuffer 1249280\n",
"RcvSocketBuffer 1249280\n",
"Checksum on\n"])
conntrackd_tmpl.section("Address Ignore {", "}", self._collect_ignore_ips())
conntrackd_tmpl.commit()
conntrackd_conf = CsFile(self.CONNTRACKD_CONF)
is_equals = conntrackd_tmpl.compare(conntrackd_conf)
proc = CsProcess(['/etc/conntrackd/conntrackd.conf'])
if not proc.find() or not is_equals:
CsHelper.copy(conntrackd_template_conf, self.CONNTRACKD_CONF)
CsHelper.service("conntrackd", "restart")
# Restore the template file and remove the backup.
CsHelper.copy(conntrackd_temp_bkp, conntrackd_template_conf)
CsHelper.execute("rm -rf %s" % conntrackd_temp_bkp)
# Configure heartbeat cron job - runs every 30 seconds
heartbeat_cron = CsFile("/etc/cron.d/heartbeat")
heartbeat_cron.add("SHELL=/bin/bash", 0)
heartbeat_cron.add(
"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
heartbeat_cron.add(
"* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1)
heartbeat_cron.add(
"* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1)
heartbeat_cron.commit()
# Configure KeepaliveD cron job - runs at every reboot
keepalived_cron = CsFile("/etc/cron.d/keepalived")
keepalived_cron.add("SHELL=/bin/bash", 0)
keepalived_cron.add(
"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
keepalived_cron.add("@reboot root service keepalived start", -1)
keepalived_cron.commit()
# Configure ConntrackD cron job - runs at every reboot
conntrackd_cron = CsFile("/etc/cron.d/conntrackd")
conntrackd_cron.add("SHELL=/bin/bash", 0)
conntrackd_cron.add(
"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
conntrackd_cron.add("@reboot root service conntrackd start", -1)
conntrackd_cron.commit()
proc = CsProcess(['/usr/sbin/keepalived'])
if not proc.find() or keepalived_conf.is_changed():
keepalived_conf.commit()
CsHelper.service("keepalived", "restart")
def _redundant_on(self):
guest = self.address.get_guest_if()
# No redundancy if there is no guest network
if self.cl.is_master() or guest is None:
for obj in [o for o in self.address.get_ips() if o.is_public()]:
self.check_is_up(obj.get_device())
if guest is None:
self._redundant_off()
return
CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False)
CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR)
CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False)
for s in self.CS_TEMPLATES:
d = s
if s.endswith(".templ"):
d = s.replace(".templ", "")
CsHelper.copy_if_needed(
"%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d))
CsHelper.copy(
"%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF)
CsHelper.copy_if_needed(
"%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ"), self.CONNTRACKD_CONF)
CsHelper.copy_if_needed(
"%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh")
CsHelper.execute(
'sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived')
# checkrouter.sh configuration
check_router = CsFile("/opt/cloud/bin/checkrouter.sh")
check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG)
check_router.commit()
# keepalived configuration
keepalived_conf = CsFile(self.KEEPALIVED_CONF)
keepalived_conf.search(
" router_id ", " router_id %s" % self.cl.get_name())
keepalived_conf.search(
" interface ", " interface %s" % guest.get_device())
keepalived_conf.search(
" virtual_router_id ", " virtual_router_id %s" % self.cl.get_router_id())
keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR)
keepalived_conf.section("authentication {", "}", [
" auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()])
keepalived_conf.section(
"virtual_ipaddress {", "}", self._collect_ips())
keepalived_conf.commit()
# conntrackd configuration
connt = CsFile(self.CONNTRACKD_CONF)
if guest is not None:
connt.section("Multicast {", "}", [
"IPv4_address 225.0.0.50\n",
"Group 3780\n",
"IPv4_interface %s\n" % guest.get_ip(),
"Interface %s\n" % guest.get_device(),
"SndSocketBuffer 1249280\n",
"RcvSocketBuffer 1249280\n",
"Checksum on\n"])
connt.section("Address Ignore {", "}", self._collect_ignore_ips())
connt.commit()
if connt.is_changed():
CsHelper.service("conntrackd", "restart")
# Configure heartbeat cron job - runs every 30 seconds
heartbeat_cron = CsFile("/etc/cron.d/heartbeat")
heartbeat_cron.add("SHELL=/bin/bash", 0)
heartbeat_cron.add(
"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
heartbeat_cron.add(
"* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1)
heartbeat_cron.add(
"* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1)
heartbeat_cron.commit()
# Configure KeepaliveD cron job - runs at every reboot
keepalived_cron = CsFile("/etc/cron.d/keepalived")
keepalived_cron.add("SHELL=/bin/bash", 0)
keepalived_cron.add(
"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
keepalived_cron.add("@reboot root service keepalived start", -1)
keepalived_cron.commit()
# Configure ConntrackD cron job - runs at every reboot
conntrackd_cron = CsFile("/etc/cron.d/conntrackd")
conntrackd_cron.add("SHELL=/bin/bash", 0)
conntrackd_cron.add(
"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
conntrackd_cron.add("@reboot root service conntrackd start", -1)
conntrackd_cron.commit()
proc = CsProcess(['/usr/sbin/keepalived', '--vrrp'])
if not proc.find() or keepalived_conf.is_changed():
CsHelper.service("keepalived", "restart")