def remove_legacy_apache_config_files(self): legacy_file_patterns = [ '/etc/apache2/ports.conf', '/etc/apache2/sites-available/default', '/etc/apache2/sites-available/default-ssl', '/etc/apache2/conf.d/ports.*.meta-data.conf', '/etc/apache2/sites-available/ipAlias*', '/etc/apache2/sites-enabled/ipAlias*', '/etc/apache2/conf.d/vhost*.conf', '/etc/apache2/ports.conf', '/etc/apache2/vhostexample.conf', '/etc/apache2/sites-available/default', '/etc/apache2/sites-available/default-ssl', '/etc/apache2/sites-enabled/default' ] for legacy_file_pattern in legacy_file_patterns: for legacy_file in glob.glob(legacy_file_pattern): if os.path.isfile(legacy_file): os.remove(legacy_file) logging.debug( "Found and removed legacy Apache config file '%s'" % legacy_file) # Remove legacy ports.conf include apache_config = CsFile("/etc/apache2/apache2.conf") apache_config.deleteLine("Include ports.conf", False) if apache_config.is_changed(): logging.debug( "Found and removed legacy Apache ports.conf inclusion") apache_config.commit()
def setup(self): self.remove_legacy_apache_config_files() CsHelper.copy_if_needed( "/etc/apache2/vhost.template", "/etc/apache2/sites-enabled/vhost-%s.conf" % self.ip) file = CsFile("/etc/apache2/sites-enabled/vhost-%s.conf" % (self.ip)) file.search("<VirtualHost.*:80>", "\t<VirtualHost %s:80>" % (self.ip)) file.search("<VirtualHost.*:443>", "\t<VirtualHost %s:443>" % (self.ip)) file.search("Listen .*:80", "Listen %s:80" % (self.ip)) file.search("Listen .*:443", "Listen %s:443" % (self.ip)) file.search("NameVirtualHost .*:80", "NameVirtualHost %s:80" % (self.ip)) file.search( "ServerName.*", "\tServerName %s.%s" % (self.config.cl.get_type(), self.config.get_domain())) if file.is_changed(): file.commit() CsHelper.service("apache2", "restart") self.fw.append([ "", "front", "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 80 -j ACCEPT" % (self.dev, self.ip) ]) self.fw.append([ "", "front", "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 443 -j ACCEPT" % (self.dev, self.ip) ])
def setup(self): CsHelper.copy_if_needed( "/etc/apache2/vhost.template", "/etc/apache2/sites-enabled/vhost-%s.conf" % self.ip) file = CsFile("/etc/apache2/sites-enabled/vhost-%s.conf" % (self.ip)) if not self.config.cl.is_redundant(): file.replaceIfFound("<VirtualHost.*:8180>", "<VirtualHost %s:80>" % (self.ip)) file.replaceIfFound("<VirtualHost.*:8443>", "\t<VirtualHost %s:443>" % (self.ip)) file.replaceIfFound("Listen .*:8180", "Listen %s:80" % (self.ip)) file.replaceIfFound("Listen .*:8443", "Listen %s:443" % (self.ip)) else: file.replaceIfFound( "<VirtualHost.*:8180>", "<VirtualHost %s:80 %s:80>" % (self.ip, self.gateway)) file.replaceIfFound( "<VirtualHost.*:8443>", "\t<VirtualHost %s:443 %s:443>" % (self.ip, self.gateway)) file.replaceIfFound( "Listen .*:8180", "Listen %s:80\nListen %s:80" % (self.ip, self.gateway)) file.replaceIfFound( "Listen .*:8443", "Listen %s:443\nListen %s:443" % (self.ip, self.gateway)) file.search( "ServerName.*", "\tServerName %s.%s" % (self.config.cl.get_type(), self.config.get_domain())) if file.is_changed(): file.commit() CsHelper.execute2("systemctl restart apache2", False)
def setup(self): CsHelper.copy_if_needed("/etc/apache2/vhostexample.conf", "/etc/apache2/conf.d/vhost%s.conf" % self.dev) file = CsFile("/etc/apache2/conf.d/vhost%s.conf" % (self.dev)) file.search("<VirtualHost.*:80>", "\t<VirtualHost %s:80>" % (self.ip)) file.search("<VirtualHost.*:80>", "\t<VirtualHost %s:80>" % (self.ip)) file.search("<VirtualHost.*:443>", "\t<VirtualHost %s:443>" % (self.ip)) file.search("Listen .*:80", "Listen %s:80" % (self.ip)) file.search("Listen .*:443", "Listen %s:443" % (self.ip)) file.search("ServerName.*", "\tServerName vhost%s.cloudinternal.com" % (self.dev)) file.commit() if file.is_changed(): CsHelper.service("apache2", "restart") self.fw.append(["", "front", "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 80 -j ACCEPT" % (self.dev, self.ip) ])
def setup(self): CsHelper.copy_if_needed("/etc/apache2/vhostexample.conf", "/etc/apache2/conf.d/vhost%s.conf" % self.dev) file = CsFile("/etc/apache2/conf.d/vhost%s.conf" % (self.dev)) file.search("<VirtualHost.*:80>", "\t<VirtualHost %s:80>" % (self.ip)) file.search("<VirtualHost.*:80>", "\t<VirtualHost %s:80>" % (self.ip)) file.search("<VirtualHost.*:443>", "\t<VirtualHost %s:443>" % (self.ip)) file.search("Listen .*:80", "Listen %s:80" % (self.ip)) file.search("Listen .*:443", "Listen %s:443" % (self.ip)) file.search("ServerName.*", "\tServerName vhost%s.cloudinternal.com" % (self.dev)) if file.is_changed(): file.commit() CsHelper.service("apache2", "restart") self.fw.append(["", "front", "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 80 -j ACCEPT" % (self.dev, self.ip) ])
def setup(self): CsHelper.copy_if_needed( "/etc/apache2/vhost.template", "/etc/apache2/sites-enabled/vhost-%s.conf" % self.ip) file = CsFile("/etc/apache2/sites-enabled/vhost-%s.conf" % (self.ip)) if not self.config.cl.is_redundant(): file.replaceIfFound("<VirtualHost.*:8180>", "<VirtualHost %s:80>" % (self.ip)) file.replaceIfFound("<VirtualHost.*:8443>", "\t<VirtualHost %s:443>" % (self.ip)) file.replaceIfFound("Listen .*:8180", "Listen %s:80" % (self.ip)) file.replaceIfFound("Listen .*:8443", "Listen %s:443" % (self.ip)) else: file.replaceIfFound( "<VirtualHost.*:8180>", "<VirtualHost %s:80 %s:80>" % (self.ip, self.gateway)) file.replaceIfFound( "<VirtualHost.*:8443>", "\t<VirtualHost %s:443 %s:443>" % (self.ip, self.gateway)) file.replaceIfFound( "Listen .*:8180", "Listen %s:80\nListen %s:80" % (self.ip, self.gateway)) file.replaceIfFound( "Listen .*:8443", "Listen %s:443\nListen %s:443" % (self.ip, self.gateway)) file.search( "ServerName.*", "\tServerName %s.%s" % (self.config.cl.get_type(), self.config.get_domain())) if file.is_changed(): file.commit() CsHelper.execute2("systemctl restart apache2", False) self.fw.append([ "", "front", "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 80 -j ACCEPT" % (self.dev, self.ip) ]) self.fw.append([ "", "front", "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 443 -j ACCEPT" % (self.dev, self.ip) ])
def setup(self): CsHelper.copy_if_needed("/etc/apache2/vhost.template", "/etc/apache2/sites-enabled/vhost-%s.conf" % self.ip) file = CsFile("/etc/apache2/sites-enabled/vhost-%s.conf" % (self.ip)) file.search("<VirtualHost.*:80>", "\t<VirtualHost %s:80>" % (self.ip)) file.search("<VirtualHost.*:443>", "\t<VirtualHost %s:443>" % (self.ip)) file.search("Listen .*:80", "Listen %s:80" % (self.ip)) file.search("Listen .*:443", "Listen %s:443" % (self.ip)) file.search("ServerName.*", "\tServerName %s.%s" % (self.config.cl.get_type(), self.config.get_domain())) if file.is_changed(): file.commit() CsHelper.service("apache2", "restart") self.fw.append([ "", "front", "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 80 -j ACCEPT" % (self.dev, self.ip) ]) self.fw.append([ "", "front", "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 443 -j ACCEPT" % (self.dev, self.ip) ])
def _redundant_on(self): guest = self.address.get_guest_if() # No redundancy if there is no guest network if self.cl.is_master() or guest is None: for obj in [o for o in self.address.get_ips() if o.is_public()]: self.check_is_up(obj.get_device()) if guest is None: self._redundant_off() return CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False) CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR) CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False) for s in self.CS_TEMPLATES: d = s if s.endswith(".templ"): d = s.replace(".templ", "") CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d)) CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF) CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ"), self.CONNTRACKD_CONF) CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh") CsHelper.execute('sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived') # checkrouter.sh configuration file = CsFile("/opt/cloud/bin/checkrouter.sh") file.greplace("[RROUTER_LOG]", self.RROUTER_LOG) file.commit() # keepalived configuration file = CsFile(self.KEEPALIVED_CONF) ads = [o for o in self.address.get_ips() if o.is_public()] # Add a comment for each public IP. If any change this will cause keepalived to restart # As things stand keepalived will be configured before the IP is added or deleted i = 0 for o in ads: file.addeq("! %s=%s" % (i, o.get_cidr())) i = i + 1 file.search(" router_id ", " router_id %s" % self.cl.get_name()) file.search(" priority ", " priority %s" % self.cl.get_priority()) file.search(" interface ", " interface %s" % guest.get_device()) file.search(" state ", " state %s" % "EQUAL") file.search(" virtual_router_id ", " virtual_router_id %s" % self.cl.get_router_id()) file.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR) file.section("authentication {", "}", [" auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()]) file.section("virtual_ipaddress {", "}", self._collect_ips()) file.commit() # conntrackd configuration connt = CsFile(self.CONNTRACKD_CONF) if guest is not None: connt.section("Multicast {", "}", [ "IPv4_address 225.0.0.50\n", "Group 3780\n", "IPv4_interface %s\n" % guest.get_ip(), "Interface %s\n" % guest.get_device(), "SndSocketBuffer 1249280\n", "RcvSocketBuffer 1249280\n", "Checksum on\n"]) connt.section("Address Ignore {", "}", self._collect_ignore_ips()) connt.commit() if connt.is_changed(): CsHelper.service("conntrackd", "restart") if file.is_changed(): CsHelper.service("keepalived", "reload") # Configure heartbeat cron job cron = CsFile("/etc/cron.d/heartbeat") cron.add("SHELL=/bin/bash", 0) cron.add("PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) cron.add("*/1 * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) cron.commit() proc = CsProcess(['/usr/sbin/keepalived', '--vrrp']) if not proc.find(): CsHelper.service("keepalived", "restart")
def _redundant_on(self): guest = self.address.get_guest_if() # No redundancy if there is no guest network if guest is None: self.set_backup() self._redundant_off() return interfaces = [ interface for interface in self.address.get_interfaces() if interface.is_guest() ] isDeviceReady = False dev = '' for interface in interfaces: if dev == interface.get_device(): continue dev = interface.get_device() logging.info( "Wait for devices to be configured so we can start keepalived") devConfigured = CsDevice(dev, self.config).waitfordevice() if devConfigured: command = "ip link show %s | grep 'state UP'" % dev devUp = CsHelper.execute(command) if devUp: logging.info( "Device %s is present, let's start keepalived now." % dev) isDeviceReady = True if not isDeviceReady: logging.info( "Guest network not configured yet, let's stop router redundancy for now." ) CsHelper.service("conntrackd", "stop") CsHelper.service("keepalived", "stop") return CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False) CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR) CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False) for s in self.CS_TEMPLATES: d = s if s.endswith(".templ"): d = s.replace(".templ", "") CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d)) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh") CsHelper.execute( 'sed -i "s/--exec $DAEMON;/--exec $DAEMON -- --vrrp;/g" /etc/init.d/keepalived' ) # checkrouter.sh configuration check_router = CsFile("/opt/cloud/bin/checkrouter.sh") check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG) check_router.commit() # keepalived configuration keepalived_conf = CsFile(self.KEEPALIVED_CONF) keepalived_conf.search(" router_id ", " router_id %s" % self.cl.get_name()) keepalived_conf.search(" interface ", " interface %s" % guest.get_device()) keepalived_conf.search(" advert_int ", " advert_int %s" % self.cl.get_advert_int()) keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR) keepalived_conf.section("authentication {", "}", [ " auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()[:8] ]) keepalived_conf.section("virtual_ipaddress {", "}", self._collect_ips()) # conntrackd configuration conntrackd_template_conf = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ") conntrackd_temp_bkp = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ.bkp") CsHelper.copy(conntrackd_template_conf, conntrackd_temp_bkp) conntrackd_tmpl = CsFile(conntrackd_template_conf) conntrackd_tmpl.section("Multicast {", "}", [ "IPv4_address 225.0.0.50\n", "Group 3780\n", "IPv4_interface %s\n" % guest.get_ip(), "Interface %s\n" % guest.get_device(), "SndSocketBuffer 1249280\n", "RcvSocketBuffer 1249280\n", "Checksum on\n" ]) conntrackd_tmpl.section("Address Ignore {", "}", self._collect_ignore_ips()) conntrackd_tmpl.commit() conntrackd_conf = CsFile(self.CONNTRACKD_CONF) is_equals = conntrackd_tmpl.compare(conntrackd_conf) force_keepalived_restart = False proc = CsProcess(['/etc/conntrackd/conntrackd.conf']) if not proc.find() or not is_equals: CsHelper.copy(conntrackd_template_conf, self.CONNTRACKD_CONF) CsHelper.service("conntrackd", "restart") force_keepalived_restart = True # Restore the template file and remove the backup. CsHelper.copy(conntrackd_temp_bkp, conntrackd_template_conf) CsHelper.execute("rm -rf %s" % conntrackd_temp_bkp) # Configure heartbeat cron job - runs every 30 seconds heartbeat_cron = CsFile("/etc/cron.d/heartbeat") heartbeat_cron.add("SHELL=/bin/bash", 0) heartbeat_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) heartbeat_cron.add( "* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.add( "* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.commit() proc = CsProcess(['/usr/sbin/keepalived']) if not proc.find(): force_keepalived_restart = True if keepalived_conf.is_changed() or force_keepalived_restart: keepalived_conf.commit() os.chmod(self.KEEPALIVED_CONF, 0o644) if force_keepalived_restart or not self.cl.is_primary(): CsHelper.service("keepalived", "restart") else: CsHelper.service("keepalived", "reload")
def _redundant_on(self): guest = self.address.get_guest_if() # No redundancy if there is no guest network if guest is None: self._redundant_off() return interfaces = [interface for interface in self.address.get_ips() if interface.is_guest()] isDeviceReady = False dev = '' for interface in interfaces: if dev == interface.get_device(): continue dev = interface.get_device() logging.info("Wait for devices to be configured so we can start keepalived") devConfigured = CsDevice(dev, self.config).waitfordevice() if devConfigured: command = "ip link show %s | grep 'state UP'" % dev devUp = CsHelper.execute(command) if devUp: logging.info("Device %s is present, let's start keepalive now." % dev) isDeviceReady = True if not isDeviceReady: logging.info("Guest network not configured yet, let's stop router redundancy for now.") CsHelper.service("conntrackd", "stop") CsHelper.service("keepalived", "stop") return CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False) CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR) CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False) for s in self.CS_TEMPLATES: d = s if s.endswith(".templ"): d = s.replace(".templ", "") CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d)) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh") CsHelper.execute( 'sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived') # checkrouter.sh configuration check_router = CsFile("/opt/cloud/bin/checkrouter.sh") check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG) check_router.commit() # keepalived configuration keepalived_conf = CsFile(self.KEEPALIVED_CONF) keepalived_conf.search( " router_id ", " router_id %s" % self.cl.get_name()) keepalived_conf.search( " interface ", " interface %s" % guest.get_device()) keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR) keepalived_conf.section("authentication {", "}", [ " auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()]) keepalived_conf.section( "virtual_ipaddress {", "}", self._collect_ips()) # conntrackd configuration conntrackd_template_conf = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ") conntrackd_temp_bkp = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ.bkp") CsHelper.copy(conntrackd_template_conf, conntrackd_temp_bkp) conntrackd_tmpl = CsFile(conntrackd_template_conf) conntrackd_tmpl.section("Multicast {", "}", [ "IPv4_address 225.0.0.50\n", "Group 3780\n", "IPv4_interface %s\n" % guest.get_ip(), "Interface %s\n" % guest.get_device(), "SndSocketBuffer 1249280\n", "RcvSocketBuffer 1249280\n", "Checksum on\n"]) conntrackd_tmpl.section("Address Ignore {", "}", self._collect_ignore_ips()) conntrackd_tmpl.commit() conntrackd_conf = CsFile(self.CONNTRACKD_CONF) is_equals = conntrackd_tmpl.compare(conntrackd_conf) proc = CsProcess(['/etc/conntrackd/conntrackd.conf']) if not proc.find() or not is_equals: CsHelper.copy(conntrackd_template_conf, self.CONNTRACKD_CONF) CsHelper.service("conntrackd", "restart") # Restore the template file and remove the backup. CsHelper.copy(conntrackd_temp_bkp, conntrackd_template_conf) CsHelper.execute("rm -rf %s" % conntrackd_temp_bkp) # Configure heartbeat cron job - runs every 30 seconds heartbeat_cron = CsFile("/etc/cron.d/heartbeat") heartbeat_cron.add("SHELL=/bin/bash", 0) heartbeat_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) heartbeat_cron.add( "* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.add( "* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.commit() proc = CsProcess(['/usr/sbin/keepalived']) if not proc.find() or keepalived_conf.is_changed(): keepalived_conf.commit() CsHelper.service("keepalived", "restart")
def _redundant_on(self): guest = self.address.get_guest_if() # No redundancy if there is no guest network if guest is None: self._redundant_off() return CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False) CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR) CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False) for s in self.CS_TEMPLATES: d = s if s.endswith(".templ"): d = s.replace(".templ", "") CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d)) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh") CsHelper.execute( 'sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived') # checkrouter.sh configuration check_router = CsFile("/opt/cloud/bin/checkrouter.sh") check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG) check_router.commit() # keepalived configuration keepalived_conf = CsFile(self.KEEPALIVED_CONF) keepalived_conf.search( " router_id ", " router_id %s" % self.cl.get_name()) keepalived_conf.search( " interface ", " interface %s" % guest.get_device()) keepalived_conf.search( " virtual_router_id ", " virtual_router_id %s" % self.cl.get_router_id()) keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR) keepalived_conf.section("authentication {", "}", [ " auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()]) keepalived_conf.section( "virtual_ipaddress {", "}", self._collect_ips()) # conntrackd configuration conntrackd_template_conf = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ") conntrackd_temp_bkp = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ.bkp") CsHelper.copy(conntrackd_template_conf, conntrackd_temp_bkp) conntrackd_tmpl = CsFile(conntrackd_template_conf) if guest is not None: conntrackd_tmpl.section("Multicast {", "}", [ "IPv4_address 225.0.0.50\n", "Group 3780\n", "IPv4_interface %s\n" % guest.get_ip(), "Interface %s\n" % guest.get_device(), "SndSocketBuffer 1249280\n", "RcvSocketBuffer 1249280\n", "Checksum on\n"]) conntrackd_tmpl.section("Address Ignore {", "}", self._collect_ignore_ips()) conntrackd_tmpl.commit() conntrackd_conf = CsFile(self.CONNTRACKD_CONF) is_equals = conntrackd_tmpl.compare(conntrackd_conf) proc = CsProcess(['/etc/conntrackd/conntrackd.conf']) if not proc.find() or not is_equals: CsHelper.copy(conntrackd_template_conf, self.CONNTRACKD_CONF) CsHelper.service("conntrackd", "restart") # Restore the template file and remove the backup. CsHelper.copy(conntrackd_temp_bkp, conntrackd_template_conf) CsHelper.execute("rm -rf %s" % conntrackd_temp_bkp) # Configure heartbeat cron job - runs every 30 seconds heartbeat_cron = CsFile("/etc/cron.d/heartbeat") heartbeat_cron.add("SHELL=/bin/bash", 0) heartbeat_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) heartbeat_cron.add( "* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.add( "* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.commit() # Configure KeepaliveD cron job - runs at every reboot keepalived_cron = CsFile("/etc/cron.d/keepalived") keepalived_cron.add("SHELL=/bin/bash", 0) keepalived_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) keepalived_cron.add("@reboot root service keepalived start", -1) keepalived_cron.commit() # Configure ConntrackD cron job - runs at every reboot conntrackd_cron = CsFile("/etc/cron.d/conntrackd") conntrackd_cron.add("SHELL=/bin/bash", 0) conntrackd_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) conntrackd_cron.add("@reboot root service conntrackd start", -1) conntrackd_cron.commit() proc = CsProcess(['/usr/sbin/keepalived']) if not proc.find() or keepalived_conf.is_changed(): keepalived_conf.commit() CsHelper.service("keepalived", "restart")
def _redundant_on(self): guest = self.address.get_guest_if() # No redundancy if there is no guest network if self.cl.is_master() or guest is None: for obj in [o for o in self.address.get_ips() if o.is_public()]: self.check_is_up(obj.get_device()) if guest is None: self._redundant_off() return CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False) CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR) CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False) for s in self.CS_TEMPLATES: d = s if s.endswith(".templ"): d = s.replace(".templ", "") CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d)) CsHelper.copy( "%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ"), self.CONNTRACKD_CONF) CsHelper.copy_if_needed( "%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh") CsHelper.execute( 'sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived') # checkrouter.sh configuration check_router = CsFile("/opt/cloud/bin/checkrouter.sh") check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG) check_router.commit() # keepalived configuration keepalived_conf = CsFile(self.KEEPALIVED_CONF) keepalived_conf.search( " router_id ", " router_id %s" % self.cl.get_name()) keepalived_conf.search( " interface ", " interface %s" % guest.get_device()) keepalived_conf.search( " virtual_router_id ", " virtual_router_id %s" % self.cl.get_router_id()) keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR) keepalived_conf.section("authentication {", "}", [ " auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()]) keepalived_conf.section( "virtual_ipaddress {", "}", self._collect_ips()) keepalived_conf.commit() # conntrackd configuration connt = CsFile(self.CONNTRACKD_CONF) if guest is not None: connt.section("Multicast {", "}", [ "IPv4_address 225.0.0.50\n", "Group 3780\n", "IPv4_interface %s\n" % guest.get_ip(), "Interface %s\n" % guest.get_device(), "SndSocketBuffer 1249280\n", "RcvSocketBuffer 1249280\n", "Checksum on\n"]) connt.section("Address Ignore {", "}", self._collect_ignore_ips()) connt.commit() if connt.is_changed(): CsHelper.service("conntrackd", "restart") # Configure heartbeat cron job - runs every 30 seconds heartbeat_cron = CsFile("/etc/cron.d/heartbeat") heartbeat_cron.add("SHELL=/bin/bash", 0) heartbeat_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) heartbeat_cron.add( "* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.add( "* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) heartbeat_cron.commit() # Configure KeepaliveD cron job - runs at every reboot keepalived_cron = CsFile("/etc/cron.d/keepalived") keepalived_cron.add("SHELL=/bin/bash", 0) keepalived_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) keepalived_cron.add("@reboot root service keepalived start", -1) keepalived_cron.commit() # Configure ConntrackD cron job - runs at every reboot conntrackd_cron = CsFile("/etc/cron.d/conntrackd") conntrackd_cron.add("SHELL=/bin/bash", 0) conntrackd_cron.add( "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) conntrackd_cron.add("@reboot root service conntrackd start", -1) conntrackd_cron.commit() proc = CsProcess(['/usr/sbin/keepalived', '--vrrp']) if not proc.find() or keepalived_conf.is_changed(): CsHelper.service("keepalived", "restart")