cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From yas...@apache.org
Subject git commit: updated refs/heads/master to e88cc48
Date Tue, 21 Jan 2014 02:49:37 GMT
Updated Branches:
  refs/heads/master 09fa6e5d8 -> e88cc488e


CLOUDSTACK-5779: Move loadbalancer to use routerProxy


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/e88cc488
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/e88cc488
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/e88cc488

Branch: refs/heads/master
Commit: e88cc488e5a9011f2c199f906bb0dacdb95685d7
Parents: 09fa6e5
Author: Sheng Yang <sheng.yang@citrix.com>
Authored: Mon Jan 20 17:34:27 2014 -0800
Committer: Sheng Yang <sheng.yang@citrix.com>
Committed: Mon Jan 20 18:48:46 2014 -0800

----------------------------------------------------------------------
 .../virtualnetwork/VirtualRoutingResource.java  | 118 ++-----
 .../vmware/resource/VmwareResource.java         | 187 +++--------
 .../xen/resource/CitrixResourceBase.java        | 100 ++----
 scripts/network/domr/call_loadbalancer.sh       | 101 ------
 scripts/vm/hypervisor/xenserver/vmops           |  17 +-
 .../debian/config/opt/cloud/bin/loadbalancer.sh | 320 +++++++++++++++++++
 .../patches/debian/config/root/loadbalancer.sh  | 320 -------------------
 7 files changed, 419 insertions(+), 744 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
----------------------------------------------------------------------
diff --git a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
index ff99b92..732d7b4 100755
--- a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
+++ b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
@@ -75,13 +75,10 @@ import org.apache.log4j.Logger;
 import javax.ejb.Local;
 import javax.naming.ConfigurationException;
 import java.io.BufferedReader;
-import java.io.BufferedWriter;
 import java.io.File;
-import java.io.FileWriter;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
-import java.io.PrintWriter;
 import java.net.InetSocketAddress;
 import java.net.URL;
 import java.net.URLConnection;
@@ -102,7 +99,6 @@ import java.util.Map;
 public class VirtualRoutingResource implements Manager {
     private static final Logger s_logger = Logger.getLogger(VirtualRoutingResource.class);
     private String _publicIpAddress;
-    private String _loadbPath;
     private String _publicEthIf;
     private String _privateEthIf;
     private String _routerProxyPath;
@@ -354,7 +350,20 @@ public class VirtualRoutingResource implements Manager {
         return new SetStaticNatRulesAnswer(cmd, results, endResult);
     }
 
-    protected Answer VPCLoadBalancerConfig(final LoadBalancerConfigCommand cmd) {
+    protected boolean createFileInVR(String routerIp, String path, String filename, String content) {
+        File permKey = new File("/root/.ssh/id_rsa.cloud");
+        boolean result = true;
+
+        try {
+            SshHelper.scpTo(routerIp, 3922, "root", permKey, null, path, content.getBytes(), filename, null);
+        } catch (Exception e) {
+            s_logger.warn("Fail to create file " + path + filename + " in VR " + routerIp, e);
+            result = false;
+        }
+        return result;
+    }
+
+    private Answer execute(LoadBalancerConfigCommand cmd) {
         String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
 
         if (routerIp == null) {
@@ -368,25 +377,24 @@ public class VirtualRoutingResource implements Manager {
             tmpCfgFileContents += config[i];
             tmpCfgFileContents += "\n";
         }
-        File permKey = new File("/root/.ssh/id_rsa.cloud");
 
-        try {
-            SshHelper.scpTo(routerIp, 3922, "root", permKey, null, "/etc/haproxy/", tmpCfgFileContents.getBytes(), "haproxy.cfg.new", null);
+        if (!createFileInVR(routerIp, "/etc/haproxy/", "haproxy.cfg.new", tmpCfgFileContents)) {
+            return new Answer(cmd, false, "Fail to copy LB config file to VR");
+        }
 
+        try {
             String[][] rules = cfgtr.generateFwRules(cmd);
 
             String[] addRules = rules[LoadBalancerConfigurator.ADD];
             String[] removeRules = rules[LoadBalancerConfigurator.REMOVE];
             String[] statRules = rules[LoadBalancerConfigurator.STATS];
 
-            String ip = cmd.getNic().getIp();
-            String args = " -i " + ip;
+            String args = "";
             StringBuilder sb = new StringBuilder();
             if (addRules.length > 0) {
                 for (int i = 0; i < addRules.length; i++) {
                     sb.append(addRules[i]).append(',');
                 }
-
                 args += " -a " + sb.toString();
             }
 
@@ -408,7 +416,15 @@ public class VirtualRoutingResource implements Manager {
                 args += " -s " + sb.toString();
             }
 
-            String result = routerProxy("vpc_loadbalancer.sh", routerIp, args);
+            String result;
+
+            if (cmd.getVpcId() == null) {
+                args = " -i " + routerIp + args;
+                result = routerProxy("loadbalancer.sh", routerIp, args);
+            } else {
+                args = " -i " + cmd.getNic().getIp() + args;
+                result = routerProxy("vpc_loadbalancer.sh", routerIp, args);
+            }
 
             if (result != null) {
                 return new Answer(cmd, false, "LoadBalancerConfigCommand failed");
@@ -420,41 +436,6 @@ public class VirtualRoutingResource implements Manager {
         }
     }
 
-    private Answer execute(LoadBalancerConfigCommand cmd) {
-        if (cmd.getVpcId() != null) {
-            return VPCLoadBalancerConfig(cmd);
-        }
-
-        String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
-        File tmpCfgFile = null;
-        try {
-            String cfgFilePath = "";
-            LoadBalancerConfigurator cfgtr = new HAProxyConfigurator();
-            String[] config = cfgtr.generateConfiguration(cmd);
-            String[][] rules = cfgtr.generateFwRules(cmd);
-            if (routerIp != null) {
-                tmpCfgFile = File.createTempFile(routerIp.replace('.', '_'), "cfg");
-                final PrintWriter out = new PrintWriter(new BufferedWriter(new FileWriter(tmpCfgFile)));
-                for (int i = 0; i < config.length; i++) {
-                    out.println(config[i]);
-                }
-                out.close();
-                cfgFilePath = tmpCfgFile.getAbsolutePath();
-            }
-
-            final String result =
-                setLoadBalancerConfig(cfgFilePath, rules[LoadBalancerConfigurator.ADD], rules[LoadBalancerConfigurator.REMOVE], rules[LoadBalancerConfigurator.STATS],
-                    routerIp);
-
-            return new Answer(cmd, result == null, result);
-        } catch (final IOException e) {
-            return new Answer(cmd, false, e.getMessage());
-        } finally {
-            if (tmpCfgFile != null) {
-                tmpCfgFile.delete();
-            }
-        }
-    }
 
     protected Answer execute(VmDataCommand cmd) {
         String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
@@ -496,44 +477,6 @@ public class VirtualRoutingResource implements Manager {
         return new IpAssocAnswer(cmd, results);
     }
 
-    private String setLoadBalancerConfig(final String cfgFile, final String[] addRules, final String[] removeRules, final String[] statsRules, String routerIp) {
-
-        if (routerIp == null) {
-            routerIp = "none";
-        }
-
-        final Script command = new Script(_loadbPath, _timeout, s_logger);
-
-        command.add("-i", routerIp);
-        command.add("-f", cfgFile);
-
-        StringBuilder sb = new StringBuilder();
-        if (addRules.length > 0) {
-            for (int i = 0; i < addRules.length; i++) {
-                sb.append(addRules[i]).append(',');
-            }
-            command.add("-a", sb.toString());
-        }
-
-        sb = new StringBuilder();
-        if (removeRules.length > 0) {
-            for (int i = 0; i < removeRules.length; i++) {
-                sb.append(removeRules[i]).append(',');
-            }
-            command.add("-d", sb.toString());
-        }
-
-        sb = new StringBuilder();
-        if (statsRules.length > 0) {
-            for (int i = 0; i < statsRules.length; i++) {
-                sb.append(statsRules[i]).append(',');
-            }
-            command.add("-s", sb.toString());
-        }
-
-        return command.execute();
-    }
-
     protected Answer execute(final SavePasswordCommand cmd) {
         final String password = cmd.getPassword();
         final String routerPrivateIPAddress = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
@@ -1104,11 +1047,6 @@ public class VirtualRoutingResource implements Manager {
             s_logger.warn("Incoming public ip address is overriden.  Will always be using the same ip address: " + _publicIpAddress);
         }
 
-        _loadbPath = findScript("call_loadbalancer.sh");
-        if (_loadbPath == null) {
-            throw new ConfigurationException("Unable to find the call_loadbalancer.sh");
-        }
-
         _publicEthIf = (String)params.get("public.network.device");
         if (_publicEthIf == null) {
             _publicEthIf = "xenbr1";

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
----------------------------------------------------------------------
diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
index 24915a2..566d175 100755
--- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
@@ -1035,97 +1035,22 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
         return new SetStaticNatRulesAnswer(cmd, results, endResult);
     }
 
-    protected Answer VPCLoadBalancerConfig(final LoadBalancerConfigCommand cmd) {
+    protected boolean createFileInVR(String routerIp, String filePath, String fileName, String content) {
         VmwareManager mgr = getServiceContext().getStockObject(VmwareManager.CONTEXT_STOCK_NAME);
         File keyFile = mgr.getSystemVMKeyFile();
-
-        String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
-        String controlIp = getRouterSshControlIp(cmd);
-
-        assert (controlIp != null);
-
-        LoadBalancerConfigurator cfgtr = new HAProxyConfigurator();
-        String[] config = cfgtr.generateConfiguration(cmd);
-
-        String tmpCfgFilePath = "/etc/haproxy/haproxy.cfg.new";
-        String tmpCfgFileContents = "";
-        for (int i = 0; i < config.length; i++) {
-            tmpCfgFileContents += config[i];
-            tmpCfgFileContents += "\n";
-        }
+        boolean result = true;
 
         try {
-            SshHelper.scpTo(controlIp, DefaultDomRSshPort, "root", keyFile, null, "/etc/haproxy/", tmpCfgFileContents.getBytes(), "haproxy.cfg.new", null);
-
-            try {
-                String[][] rules = cfgtr.generateFwRules(cmd);
-
-                String[] addRules = rules[LoadBalancerConfigurator.ADD];
-                String[] removeRules = rules[LoadBalancerConfigurator.REMOVE];
-                String[] statRules = rules[LoadBalancerConfigurator.STATS];
-
-                String args = "";
-                String ip = cmd.getNic().getIp();
-                args += " -i " + ip;
-                StringBuilder sb = new StringBuilder();
-                if (addRules.length > 0) {
-                    for (int i = 0; i < addRules.length; i++) {
-                        sb.append(addRules[i]).append(',');
-                    }
-
-                    args += " -a " + sb.toString();
-                }
-
-                sb = new StringBuilder();
-                if (removeRules.length > 0) {
-                    for (int i = 0; i < removeRules.length; i++) {
-                        sb.append(removeRules[i]).append(',');
-                    }
-
-                    args += " -d " + sb.toString();
-                }
-
-                sb = new StringBuilder();
-                if (statRules.length > 0) {
-                    for (int i = 0; i < statRules.length; i++) {
-                        sb.append(statRules[i]).append(',');
-                    }
-
-                    args += " -s " + sb.toString();
-                }
-
-                // Invoke the command
-                Pair<Boolean, String> result =
-                    SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/vpc_loadbalancer.sh " + args);
-
-                if (!result.first()) {
-                    String msg = "LoadBalancerConfigCommand on domain router " + routerIp + " failed. message: " + result.second();
-                    s_logger.error(msg);
-
-                    return new Answer(cmd, false, msg);
-                }
-
-                if (s_logger.isInfoEnabled()) {
-                    s_logger.info("VPCLoadBalancerConfigCommand on domain router " + routerIp + " completed");
-                }
-            } finally {
-                SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "rm " + tmpCfgFilePath);
-            }
-            return new Answer(cmd);
-        } catch (Throwable e) {
-            s_logger.error("Unexpected exception: " + e.toString(), e);
-            return new Answer(cmd, false, "VPCLoadBalancerConfigCommand failed due to " + VmwareHelper.getExceptionMessage(e));
+            SshHelper.scpTo(routerIp, 3922, "root", keyFile, null, filePath, content.getBytes(), fileName, null);
+        } catch (Exception e) {
+            s_logger.warn("Fail to create file " + filePath + fileName + " in VR " + routerIp, e);
+            result = false;
         }
+        return result;
     }
 
     protected Answer execute(final LoadBalancerConfigCommand cmd) {
-
-        if (cmd.getVpcId() != null) {
-            return VPCLoadBalancerConfig(cmd);
-        }
-
         VmwareManager mgr = getServiceContext().getStockObject(VmwareManager.CONTEXT_STOCK_NAME);
-        File keyFile = mgr.getSystemVMKeyFile();
 
         String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
         String controlIp = getRouterSshControlIp(cmd);
@@ -1135,82 +1060,74 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
         LoadBalancerConfigurator cfgtr = new HAProxyConfigurator();
         String[] config = cfgtr.generateConfiguration(cmd);
 
-        String[][] rules = cfgtr.generateFwRules(cmd);
-        String tmpCfgFilePath = "/tmp/" + routerIp.replace('.', '_') + ".cfg";
         String tmpCfgFileContents = "";
+        String tmpCfgFileName = "haproxy.cfg.new";
+        String tmpCfgFilePath = "/etc/haproxy/";
         for (int i = 0; i < config.length; i++) {
             tmpCfgFileContents += config[i];
             tmpCfgFileContents += "\n";
         }
 
-        try {
-            SshHelper.scpTo(controlIp, DefaultDomRSshPort, "root", keyFile, null, "/tmp/", tmpCfgFileContents.getBytes(), routerIp.replace('.', '_') + ".cfg", null);
+        if (!createFileInVR(controlIp, "/etc/haproxy/", "haproxy.cfg.new", tmpCfgFileContents)) {
+            return new Answer(cmd, false, "Fail to create LB config file in VR");
+        }
 
-            try {
-                String[] addRules = rules[LoadBalancerConfigurator.ADD];
-                String[] removeRules = rules[LoadBalancerConfigurator.REMOVE];
-                String[] statRules = rules[LoadBalancerConfigurator.STATS];
-
-                String args = "";
-                args += "-i " + routerIp;
-                args += " -f " + tmpCfgFilePath;
-
-                StringBuilder sb = new StringBuilder();
-                if (addRules.length > 0) {
-                    for (int i = 0; i < addRules.length; i++) {
-                        sb.append(addRules[i]).append(',');
-                    }
+        try {
 
-                    args += " -a " + sb.toString();
-                }
+            String[][] rules = cfgtr.generateFwRules(cmd);
 
-                sb = new StringBuilder();
-                if (removeRules.length > 0) {
-                    for (int i = 0; i < removeRules.length; i++) {
-                        sb.append(removeRules[i]).append(',');
-                    }
+            String[] addRules = rules[LoadBalancerConfigurator.ADD];
+            String[] removeRules = rules[LoadBalancerConfigurator.REMOVE];
+            String[] statRules = rules[LoadBalancerConfigurator.STATS];
 
-                    args += " -d " + sb.toString();
+            String args = "";
+            StringBuilder sb = new StringBuilder();
+            if (addRules.length > 0) {
+                for (int i = 0; i < addRules.length; i++) {
+                    sb.append(addRules[i]).append(',');
                 }
 
-                sb = new StringBuilder();
-                if (statRules.length > 0) {
-                    for (int i = 0; i < statRules.length; i++) {
-                        sb.append(statRules[i]).append(',');
-                    }
+                args += " -a " + sb.toString();
+            }
 
-                    args += " -s " + sb.toString();
+            sb = new StringBuilder();
+            if (removeRules.length > 0) {
+                for (int i = 0; i < removeRules.length; i++) {
+                    sb.append(removeRules[i]).append(',');
                 }
 
-                Pair<Boolean, String> result =
-                    SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "scp " + tmpCfgFilePath +
-                        " /etc/haproxy/haproxy.cfg.new");
-
-                if (!result.first()) {
-                    s_logger.error("Unable to copy haproxy configuration file");
-                    return new Answer(cmd, false, "LoadBalancerConfigCommand failed due to uanble to copy haproxy configuration file");
-                }
+                args += " -d " + sb.toString();
+            }
 
-                if (s_logger.isDebugEnabled()) {
-                    s_logger.debug("Run command on domain router " + routerIp + ",  /root/loadbalancer.sh " + args);
+            sb = new StringBuilder();
+            if (statRules.length > 0) {
+                for (int i = 0; i < statRules.length; i++) {
+                    sb.append(statRules[i]).append(',');
                 }
 
-                result = SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "/root/loadbalancer.sh " + args);
+                args += " -s " + sb.toString();
+            }
 
-                if (!result.first()) {
-                    String msg = "LoadBalancerConfigCommand on domain router " + routerIp + " failed. message: " + result.second();
-                    s_logger.error(msg);
+            Pair<Boolean, String> result;
+            if (cmd.getVpcId() == null) {
+                args = " -i " + routerIp + args;
+                result = SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/loadbalancer.sh " + args);
+            } else {
+                args = " -i " + cmd.getNic().getIp() + args;
+                result = SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/vpc_loadbalancer.sh " + args);
+            }
+            // Invoke the command
 
-                    return new Answer(cmd, false, msg);
-                }
+            if (!result.first()) {
+                String msg = "LoadBalancerConfigCommand on domain router " + routerIp + " failed. message: " + result.second();
+                s_logger.error(msg);
 
-                if (s_logger.isInfoEnabled()) {
-                    s_logger.info("LoadBalancerConfigCommand on domain router " + routerIp + " completed");
-                }
-            } finally {
-                SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "rm " + tmpCfgFilePath);
+                return new Answer(cmd, false, msg);
             }
 
+            if (s_logger.isInfoEnabled()) {
+                s_logger.info("LoadBalancerConfigCommand on domain router " + routerIp + " completed");
+            }
             return new Answer(cmd);
         } catch (Throwable e) {
             s_logger.error("Unexpected exception: " + e.toString(), e);

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
----------------------------------------------------------------------
diff --git a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
index e7e4ee3..5aed214 100644
--- a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
+++ b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
@@ -2125,71 +2125,6 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
         return new SetStaticNatRulesAnswer(cmd, results, endResult);
     }
 
-    protected Answer VPCLoadBalancerConfig(final LoadBalancerConfigCommand cmd) {
-        Connection conn = getConnection();
-        String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
-
-        if (routerIp == null) {
-            return new Answer(cmd);
-        }
-
-        LoadBalancerConfigurator cfgtr = new HAProxyConfigurator();
-        String[] config = cfgtr.generateConfiguration(cmd);
-        String tmpCfgFileContents = "";
-        for (int i = 0; i < config.length; i++) {
-            tmpCfgFileContents += config[i];
-            tmpCfgFileContents += "\n";
-        }
-        String tmpCfgFilePath = "/etc/haproxy/haproxy.cfg.new";
-        String result = callHostPlugin(conn, "vmops", "createFileInDomr", "domrip", routerIp, "filepath", tmpCfgFilePath, "filecontents", tmpCfgFileContents);
-
-        if (result == null || result.isEmpty()) {
-            return new Answer(cmd, false, "LoadBalancerConfigCommand failed to create HA proxy cfg file.");
-        }
-
-        String[][] rules = cfgtr.generateFwRules(cmd);
-
-        String[] addRules = rules[LoadBalancerConfigurator.ADD];
-        String[] removeRules = rules[LoadBalancerConfigurator.REMOVE];
-        String[] statRules = rules[LoadBalancerConfigurator.STATS];
-
-        String ip = cmd.getNic().getIp();
-        String args = "-i " + ip;
-        StringBuilder sb = new StringBuilder();
-        if (addRules.length > 0) {
-            for (int i = 0; i < addRules.length; i++) {
-                sb.append(addRules[i]).append(',');
-            }
-
-            args += " -a " + sb.toString();
-        }
-
-        sb = new StringBuilder();
-        if (removeRules.length > 0) {
-            for (int i = 0; i < removeRules.length; i++) {
-                sb.append(removeRules[i]).append(',');
-            }
-
-            args += " -d " + sb.toString();
-        }
-
-        sb = new StringBuilder();
-        if (statRules.length > 0) {
-            for (int i = 0; i < statRules.length; i++) {
-                sb.append(statRules[i]).append(',');
-            }
-
-            args += " -s " + sb.toString();
-        }
-
-        result = routerProxy("vpc_loadbalancer.sh", cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP), args);
-
-        if (result == null || result.isEmpty()) {
-            return new Answer(cmd, false, "LoadBalancerConfigCommand failed");
-        }
-        return new Answer(cmd);
-    }
-
     protected Answer execute(final CreateIpAliasCommand cmd) {
         String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
         List<IpAliasTO> ipAliasTOs = cmd.getIpAliasList();
@@ -2244,11 +2179,12 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
 
     }
 
-    protected Answer execute(final LoadBalancerConfigCommand cmd) {
-        if (cmd.getVpcId() != null) {
-            return VPCLoadBalancerConfig(cmd);
-        }
+    protected String createFileInVR(String routerIp, String path, String content) {
         Connection conn = getConnection();
+        return callHostPlugin(conn, "vmops", "createFileInDomr", "domrip", routerIp, "filepath", path, "filecontents", content);
+    }
+
+    protected Answer execute(final LoadBalancerConfigCommand cmd) {
         String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
 
         if (routerIp == null) {
@@ -2257,29 +2193,26 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
 
         LoadBalancerConfigurator cfgtr = new HAProxyConfigurator();
         String[] config = cfgtr.generateConfiguration(cmd);
-
-        String[][] rules = cfgtr.generateFwRules(cmd);
-        String tmpCfgFilePath = "/tmp/" + routerIp.replace('.', '_') + ".cfg";
         String tmpCfgFileContents = "";
         for (int i = 0; i < config.length; i++) {
             tmpCfgFileContents += config[i];
             tmpCfgFileContents += "\n";
         }
-
-        String result = callHostPlugin(conn, "vmops", "createFile", "filepath", tmpCfgFilePath, "filecontents", tmpCfgFileContents);
+        String tmpCfgFilePath = "/etc/haproxy/haproxy.cfg.new";
+        String result = createFileInVR(routerIp, tmpCfgFilePath, tmpCfgFileContents);
 
         if (result == null || result.isEmpty()) {
             return new Answer(cmd, false, "LoadBalancerConfigCommand failed to create HA proxy cfg file.");
         }
 
+        String[][] rules = cfgtr.generateFwRules(cmd);
+
         String[] addRules = rules[LoadBalancerConfigurator.ADD];
         String[] removeRules = rules[LoadBalancerConfigurator.REMOVE];
         String[] statRules = rules[LoadBalancerConfigurator.STATS];
 
-        String args = "";
-        args += "-i " + routerIp;
-        args += " -f " + tmpCfgFilePath;
-
+        String ip = cmd.getNic().getIp();
+        String args = " -i " + ip;
         StringBuilder sb = new StringBuilder();
         if (addRules.length > 0) {
             for (int i = 0; i < addRules.length; i++) {
@@ -2307,14 +2240,17 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
             args += " -s " + sb.toString();
         }
 
-        result = callHostPlugin(conn, "vmops", "setLoadBalancerRule", "args", args);
+        if (cmd.getVpcId() == null) {
+            args = " -i " + routerIp + args;
+            result = routerProxy("loadbalancer.sh", routerIp, args);
+        } else {
+            args = " -i " + cmd.getNic().getIp() + args;
+            result = routerProxy("vpc_loadbalancer.sh", routerIp, args);
+        }
 
         if (result == null || result.isEmpty()) {
             return new Answer(cmd, false, "LoadBalancerConfigCommand failed");
         }
-
-        callHostPlugin(conn, "vmops", "deleteFile", "filepath", tmpCfgFilePath);
-
         return new Answer(cmd);
     }
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/scripts/network/domr/call_loadbalancer.sh
----------------------------------------------------------------------
diff --git a/scripts/network/domr/call_loadbalancer.sh b/scripts/network/domr/call_loadbalancer.sh
deleted file mode 100755
index 070947c..0000000
--- a/scripts/network/domr/call_loadbalancer.sh
+++ /dev/null
@@ -1,101 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-# $Id: call_loadbalancer.sh 9132 2010-06-04 20:17:43Z manuel $ $HeadURL: svn://svn.lab.vmops.com/repos/branches/2.0.0/java/scripts/vm/hypervisor/xenserver/patch/call_loadbalancer.sh $
-# loadbalancer.sh -- reconfigure loadbalancer rules
-
-usage() {
-  printf "Usage: %s:  -i <domR eth1 ip>  -a <added public ip address> -d <removed> -f <load balancer config> -s <stats guest ip >\n" $(basename $0) >&2
-}
-
-set -x
-
-check_gw() {
-  ping -c 1 -n -q $1 > /dev/null
-  if [ $? -gt 0 ]
-  then
-    sleep 1
-    ping -c 1 -n -q $1 > /dev/null
-  fi
-  return $?;
-}
-
-copy_haproxy() {
-  local domRIp=$1
-  local cfg=$2
-
-  scp -P 3922 -q -o StrictHostKeyChecking=no -i $cert $cfg root@$domRIp:/etc/haproxy/haproxy.cfg.new
-  return $?
-}
-
-iflag=
-aflag=
-dflag=
-fflag=
-sflag=
-
-while getopts 'i:a:d:f:s:' OPTION
-do
-  case $OPTION in
-  i)	iflag=1
-		domRIp="$OPTARG"
-		;;
-  a)	aflag=1
-		addedIps="$OPTARG"
-		;;
-  d)	dflag=1
-		removedIps="$OPTARG"
-		;;
-  f)	fflag=1
-		cfgfile="$OPTARG"
-		;;
-  s)	sflag=1
-		statsIps="$OPTARG"
-		;;
-  ?)	usage
-		exit 2
-		;;
-  esac
-done
-
-cert="/root/.ssh/id_rsa.cloud"
-
-if [ "$iflag$fflag" != "11" ]
-then
-  usage
-  exit 2
-fi
-
-# Check if DomR is up and running. If it isn't, exit 1.
-check_gw "$domRIp"
-if [ $? -gt 0 ]
-then
-  exit 1
-fi
-
-copy_haproxy $domRIp $cfgfile
-
-if [ $? -gt 0 ]
-then
-  printf "Reconfiguring loadbalancer failed\n"
-  exit 1
-fi
-	
-ssh -p 3922 -q -o StrictHostKeyChecking=no -i $cert root@$domRIp "/root/loadbalancer.sh $*"
-exit $?	

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/scripts/vm/hypervisor/xenserver/vmops
----------------------------------------------------------------------
diff --git a/scripts/vm/hypervisor/xenserver/vmops b/scripts/vm/hypervisor/xenserver/vmops
index 82d4a9f..96b7866 100755
--- a/scripts/vm/hypervisor/xenserver/vmops
+++ b/scripts/vm/hypervisor/xenserver/vmops
@@ -239,21 +239,6 @@ def routerProxy(session, args):
     return txt
 
 @echo
-def setLoadBalancerRule(session, args):
-    sargs = args['args']
-    cmd = sargs.split(' ')
-    cmd.insert(0, "/opt/cloud/bin/call_loadbalancer.sh")
-    cmd.insert(0, "/bin/bash")
-    try:
-        txt = util.pread2(cmd)
-        txt = 'success'
-    except:
-        logging.debug(" set loadbalancer rule failed "  )
-        txt = '' 
-
-    return txt
-
-@echo
 def createFile(session, args):
     file_path = args['filepath']
     file_contents = args['filecontents']
@@ -1540,7 +1525,7 @@ if __name__ == "__main__":
                             "setIptables": setIptables, "pingdomr": pingdomr, "pingxenserver": pingxenserver,  
                             "savePassword": savePassword, 
                             "routerProxy": routerProxy, 
-                            "setLoadBalancerRule": setLoadBalancerRule, "createFile": createFile, "deleteFile": deleteFile, 
+                            "createFile": createFile, "deleteFile": deleteFile,
                             "network_rules":network_rules, 
                             "can_bridge_firewall":can_bridge_firewall, "default_network_rules":default_network_rules,
                             "destroy_network_rules_for_vm":destroy_network_rules_for_vm, 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh b/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh
new file mode 100755
index 0000000..2c7f77a
--- /dev/null
+++ b/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh
@@ -0,0 +1,320 @@
+#!/usr/bin/env bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+ 
+
+# $Id: loadbalancer.sh 9947 2010-06-25 19:34:24Z manuel $ $HeadURL: svn://svn.lab.vmops.com/repos/vmdev/java/patches/xenserver/root/loadbalancer.sh $
+# loadbalancer.sh -- reconfigure loadbalancer rules
+# @VERSION@
+
+source /root/func.sh
+
+lock="biglock"
+locked=$(getLockFile $lock)
+if [ "$locked" != "1" ]
+then
+    exit 1
+fi
+
+usage() {
+  printf "Usage: %s:  -i <domR eth1 ip>  -a <added public ip address ip:port> -d <removed ip:port> -f <load balancer config> -s <stats ip ip:port:cidr>  \n" $(basename $0) >&2
+}
+
+# set -x
+
+# ensure that the nic has the public ip we are load balancing on
+ip_entry() {
+  local added=$1
+  local removed=$2
+  
+  if [ "$added" == "none" ]
+  then
+  	added=""
+  fi
+  
+  if [ "$removed" == "none" ]
+  then
+  	removed=""
+  fi
+  
+  local a=$(echo $added | cut -d, -f1- --output-delimiter=" ")
+  local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ")
+  
+  for i in $a
+  do
+    local pubIp=$(echo $i | cut -d: -f1)
+    logger -t cloud "Adding  public ip $pubIp for load balancing"  
+    for vif in $VIF_LIST; do 
+      sudo ip addr add dev $vif $pubIp/32
+      #ignore error since it is because the ip is already there
+    done      
+  done
+
+  for i in $r
+  do
+    logger -t cloud "Removing  public ips for deleted loadbalancers"  
+    local pubIp=$(echo $i | cut -d: -f1)
+    logger -t cloud "Removing  public ip $pubIp for deleted loadbalancers"  
+    for vif in $VIF_LIST; do 
+      sudo ip addr del $pubIp/32 dev $vif 
+    done
+  done
+  
+  return 0
+}
+get_lb_vif_list() {
+# add eth0 to the VIF_LIST if it is not there, this allows guest VMs to use the LB service.
+  local lb_list="$VIF_LIST eth0";
+  lb_list=$(echo $lb_list | tr " " "\n" | sort | uniq | tr "\n" " ")
+  echo $lb_list
+}
+fw_remove_backup() {
+  local lb_vif_list=$(get_lb_vif_list)
+  for vif in $lb_vif_list; do 
+    sudo iptables -F back_load_balancer_$vif 2> /dev/null
+    sudo iptables -D INPUT -i $vif -p tcp  -j back_load_balancer_$vif 2> /dev/null
+    sudo iptables -X back_load_balancer_$vif 2> /dev/null
+  done
+  sudo iptables -F back_lb_stats 2> /dev/null
+  sudo iptables -D INPUT -p tcp  -j back_lb_stats 2> /dev/null
+  sudo iptables -X back_lb_stats 2> /dev/null
+}
+fw_restore() {
+  local lb_vif_list=$(get_lb_vif_list)
+  for vif in $lb_vif_list; do 
+    sudo iptables -F load_balancer_$vif 2> /dev/null
+    sudo iptables -D INPUT -i $vif -p tcp  -j load_balancer_$vif 2> /dev/null
+    sudo iptables -X load_balancer_$vif 2> /dev/null
+    sudo iptables -E back_load_balancer_$vif load_balancer_$vif 2> /dev/null
+  done
+  sudo iptables -F lb_stats 2> /dev/null
+  sudo iptables -D INPUT -p tcp  -j lb_stats 2> /dev/null
+  sudo iptables -X lb_stats 2> /dev/null
+  sudo iptables -E back_lb_stats lb_stats 2> /dev/null
+}
+# firewall entry to ensure that haproxy can receive on specified port
+fw_entry() {
+  local added=$1
+  local removed=$2
+  local stats=$3
+  
+  if [ "$added" == "none" ]
+  then
+  	added=""
+  fi
+  
+  if [ "$removed" == "none" ]
+  then
+  	removed=""
+  fi
+  
+  local a=$(echo $added | cut -d, -f1- --output-delimiter=" ")
+  local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ")
+
+# back up the iptable rules by renaming before creating new. 
+  local lb_vif_list=$(get_lb_vif_list)
+  for vif in $lb_vif_list; do 
+    sudo iptables -E load_balancer_$vif back_load_balancer_$vif 2> /dev/null
+    sudo iptables -N load_balancer_$vif 2> /dev/null
+    sudo iptables -A INPUT -i $vif -p tcp  -j load_balancer_$vif
+  done
+  sudo iptables -E lb_stats back_lb_stats 2> /dev/null
+  sudo iptables -N lb_stats 2> /dev/null
+  sudo iptables -A INPUT  -p tcp  -j lb_stats
+
+  for i in $a
+  do
+    local pubIp=$(echo $i | cut -d: -f1)
+    local dport=$(echo $i | cut -d: -f2)    
+    local lb_vif_list=$(get_lb_vif_list)
+    for vif in $lb_vif_list; do 
+
+#TODO : The below delete will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future.
+      sudo iptables -D INPUT -i $vif  -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null
+
+      sudo iptables -A load_balancer_$vif  -p tcp -d $pubIp --dport $dport -j ACCEPT
+      
+      if [ $? -gt 0 ]
+      then
+        return 1
+      fi
+    done      
+  done
+  local pubIp=$(echo $stats | cut -d: -f1)
+  local dport=$(echo $stats | cut -d: -f2)    
+  local cidrs=$(echo $stats | cut -d: -f3 | sed 's/-/,/')
+  sudo iptables -A lb_stats -s $cidrs -p tcp -m state --state NEW -d $pubIp --dport $dport -j ACCEPT
+ 
+
+#TODO : The below delete in the for-loop  will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future.
+  for i in $r
+  do
+    local pubIp=$(echo $i | cut -d: -f1)
+    local dport=$(echo $i | cut -d: -f2)    
+    
+    for vif in $VIF_LIST; do 
+      sudo iptables -D INPUT -i $vif  -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null
+    done
+  done
+ 
+  return 0
+}
+
+#Hot reconfigure HA Proxy in the routing domain
+reconfig_lb() {
+  /root/reconfigLB.sh
+  return $?
+}
+
+# Restore the HA Proxy to its previous state, and revert iptables rules on DomR
+restore_lb() {
+  logger -t cloud "Restoring HA Proxy to previous state"
+  # Copy the old version of haproxy.cfg into the file that reconfigLB.sh uses
+  cp /etc/haproxy/haproxy.cfg.old /etc/haproxy/haproxy.cfg.new
+   
+  if [ $? -eq 0 ]
+  then
+    # Run reconfigLB.sh again
+    /root/reconfigLB.sh
+  fi
+}
+
+get_vif_list() {
+  local vif_list=""
+  for i in /sys/class/net/eth*; do 
+    vif=$(basename $i);
+    if [ "$vif" != "eth0" ] && [ "$vif" != "eth1" ]
+    then
+      vif_list="$vif_list $vif";
+    fi
+  done
+  if [ "$vif_list" == "" ]
+  then
+      vif_list="eth0"
+  fi
+  
+  logger -t cloud "Loadbalancer public interfaces = $vif_list"
+  echo $vif_list
+}
+
+mflag=
+iflag=
+aflag=
+dflag=
+fflag=
+sflag=
+
+while getopts 'i:a:d:f:s:' OPTION
+do
+  case $OPTION in
+  i)	iflag=1
+		domRIp="$OPTARG"
+		;;
+  a)	aflag=1
+		addedIps="$OPTARG"
+		;;
+  d)	dflag=1
+		removedIps="$OPTARG"
+		;;
+  f)	fflag=1
+		cfgfile="$OPTARG"
+		;;
+
+  s)	sflag=1
+		statsIp="$OPTARG"
+		;;
+  ?)	usage
+                unlock_exit 2 $lock $locked
+		;;
+  esac
+done
+
+if [ "$addedIps" == "" ]
+then
+  addedIps="none"
+fi
+
+
+if [ "$removedIps" == "" ]
+then
+  removedIps="none"
+fi
+
+VIF_LIST=$(get_vif_list)
+
+
+if [ "$addedIps" == "" ]
+then
+  addedIps="none"
+fi
+
+if [ "$removedIps" == "" ]
+then
+  removedIps="none"
+fi
+
+#FIXME: make this explicit via check on vm type or passed in flag
+if [ "$VIF_LIST" == "eth0"  ]
+then
+   ip_entry $addedIps $removedIps
+fi
+
+# hot reconfigure haproxy
+reconfig_lb $cfgfile
+
+if [ $? -gt 0 ]
+then
+  logger -t cloud "Reconfiguring loadbalancer failed"
+  #FIXME: make this explicit via check on vm type or passed in flag
+  if [ "$VIF_LIST" == "eth0"  ]
+  then
+     ip_entry $removedIps $addedIps
+  fi
+  unlock_exit 1 $lock $locked
+fi
+
+# iptables entry to ensure that haproxy receives traffic
+fw_entry $addedIps $removedIps $statsIp
+  	
+if [ $? -gt 0 ]
+then
+  logger -t cloud "Failed to apply firewall rules for load balancing, reverting HA Proxy config"
+  # Restore the LB
+  restore_lb
+
+
+  logger -t cloud "Reverting firewall config"
+  # Revert iptables rules on DomR
+  fw_restore
+
+  #FIXME: make this explicit via check on vm type or passed in flag
+  if [ "$VIF_LIST" == "eth0"  ]
+  then
+     logger -t cloud "Reverting ip address changes to eth0"
+     ip_entry $removedIps $addedIps
+  fi
+
+  unlock_exit 1 $lock $locked
+else
+  # Remove backedup iptable rules
+  fw_remove_backup
+fi
+ 
+unlock_exit 0 $lock $locked
+  	
+

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/systemvm/patches/debian/config/root/loadbalancer.sh
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/root/loadbalancer.sh b/systemvm/patches/debian/config/root/loadbalancer.sh
deleted file mode 100755
index 2c7f77a..0000000
--- a/systemvm/patches/debian/config/root/loadbalancer.sh
+++ /dev/null
@@ -1,320 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
- 
-
-# $Id: loadbalancer.sh 9947 2010-06-25 19:34:24Z manuel $ $HeadURL: svn://svn.lab.vmops.com/repos/vmdev/java/patches/xenserver/root/loadbalancer.sh $
-# loadbalancer.sh -- reconfigure loadbalancer rules
-# @VERSION@
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-usage() {
-  printf "Usage: %s:  -i <domR eth1 ip>  -a <added public ip address ip:port> -d <removed ip:port> -f <load balancer config> -s <stats ip ip:port:cidr>  \n" $(basename $0) >&2
-}
-
-# set -x
-
-# ensure that the nic has the public ip we are load balancing on
-ip_entry() {
-  local added=$1
-  local removed=$2
-  
-  if [ "$added" == "none" ]
-  then
-  	added=""
-  fi
-  
-  if [ "$removed" == "none" ]
-  then
-  	removed=""
-  fi
-  
-  local a=$(echo $added | cut -d, -f1- --output-delimiter=" ")
-  local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ")
-  
-  for i in $a
-  do
-    local pubIp=$(echo $i | cut -d: -f1)
-    logger -t cloud "Adding  public ip $pubIp for load balancing"  
-    for vif in $VIF_LIST; do 
-      sudo ip addr add dev $vif $pubIp/32
-      #ignore error since it is because the ip is already there
-    done      
-  done
-
-  for i in $r
-  do
-    logger -t cloud "Removing  public ips for deleted loadbalancers"  
-    local pubIp=$(echo $i | cut -d: -f1)
-    logger -t cloud "Removing  public ip $pubIp for deleted loadbalancers"  
-    for vif in $VIF_LIST; do 
-      sudo ip addr del $pubIp/32 dev $vif 
-    done
-  done
-  
-  return 0
-}
-get_lb_vif_list() {
-# add eth0 to the VIF_LIST if it is not there, this allows guest VMs to use the LB service.
-  local lb_list="$VIF_LIST eth0";
-  lb_list=$(echo $lb_list | tr " " "\n" | sort | uniq | tr "\n" " ")
-  echo $lb_list
-}
-fw_remove_backup() {
-  local lb_vif_list=$(get_lb_vif_list)
-  for vif in $lb_vif_list; do 
-    sudo iptables -F back_load_balancer_$vif 2> /dev/null
-    sudo iptables -D INPUT -i $vif -p tcp  -j back_load_balancer_$vif 2> /dev/null
-    sudo iptables -X back_load_balancer_$vif 2> /dev/null
-  done
-  sudo iptables -F back_lb_stats 2> /dev/null
-  sudo iptables -D INPUT -p tcp  -j back_lb_stats 2> /dev/null
-  sudo iptables -X back_lb_stats 2> /dev/null
-}
-fw_restore() {
-  local lb_vif_list=$(get_lb_vif_list)
-  for vif in $lb_vif_list; do 
-    sudo iptables -F load_balancer_$vif 2> /dev/null
-    sudo iptables -D INPUT -i $vif -p tcp  -j load_balancer_$vif 2> /dev/null
-    sudo iptables -X load_balancer_$vif 2> /dev/null
-    sudo iptables -E back_load_balancer_$vif load_balancer_$vif 2> /dev/null
-  done
-  sudo iptables -F lb_stats 2> /dev/null
-  sudo iptables -D INPUT -p tcp  -j lb_stats 2> /dev/null
-  sudo iptables -X lb_stats 2> /dev/null
-  sudo iptables -E back_lb_stats lb_stats 2> /dev/null
-}
-# firewall entry to ensure that haproxy can receive on specified port
-fw_entry() {
-  local added=$1
-  local removed=$2
-  local stats=$3
-  
-  if [ "$added" == "none" ]
-  then
-  	added=""
-  fi
-  
-  if [ "$removed" == "none" ]
-  then
-  	removed=""
-  fi
-  
-  local a=$(echo $added | cut -d, -f1- --output-delimiter=" ")
-  local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ")
-
-# back up the iptable rules by renaming before creating new. 
-  local lb_vif_list=$(get_lb_vif_list)
-  for vif in $lb_vif_list; do 
-    sudo iptables -E load_balancer_$vif back_load_balancer_$vif 2> /dev/null
-    sudo iptables -N load_balancer_$vif 2> /dev/null
-    sudo iptables -A INPUT -i $vif -p tcp  -j load_balancer_$vif
-  done
-  sudo iptables -E lb_stats back_lb_stats 2> /dev/null
-  sudo iptables -N lb_stats 2> /dev/null
-  sudo iptables -A INPUT  -p tcp  -j lb_stats
-
-  for i in $a
-  do
-    local pubIp=$(echo $i | cut -d: -f1)
-    local dport=$(echo $i | cut -d: -f2)    
-    local lb_vif_list=$(get_lb_vif_list)
-    for vif in $lb_vif_list; do 
-
-#TODO : The below delete will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future.
-      sudo iptables -D INPUT -i $vif  -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null
-
-      sudo iptables -A load_balancer_$vif  -p tcp -d $pubIp --dport $dport -j ACCEPT
-      
-      if [ $? -gt 0 ]
-      then
-        return 1
-      fi
-    done      
-  done
-  local pubIp=$(echo $stats | cut -d: -f1)
-  local dport=$(echo $stats | cut -d: -f2)    
-  local cidrs=$(echo $stats | cut -d: -f3 | sed 's/-/,/')
-  sudo iptables -A lb_stats -s $cidrs -p tcp -m state --state NEW -d $pubIp --dport $dport -j ACCEPT
- 
-
-#TODO : The below delete in the for-loop  will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future.
-  for i in $r
-  do
-    local pubIp=$(echo $i | cut -d: -f1)
-    local dport=$(echo $i | cut -d: -f2)    
-    
-    for vif in $VIF_LIST; do 
-      sudo iptables -D INPUT -i $vif  -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null
-    done
-  done
- 
-  return 0
-}
-
-#Hot reconfigure HA Proxy in the routing domain
-reconfig_lb() {
-  /root/reconfigLB.sh
-  return $?
-}
-
-# Restore the HA Proxy to its previous state, and revert iptables rules on DomR
-restore_lb() {
-  logger -t cloud "Restoring HA Proxy to previous state"
-  # Copy the old version of haproxy.cfg into the file that reconfigLB.sh uses
-  cp /etc/haproxy/haproxy.cfg.old /etc/haproxy/haproxy.cfg.new
-   
-  if [ $? -eq 0 ]
-  then
-    # Run reconfigLB.sh again
-    /root/reconfigLB.sh
-  fi
-}
-
-get_vif_list() {
-  local vif_list=""
-  for i in /sys/class/net/eth*; do 
-    vif=$(basename $i);
-    if [ "$vif" != "eth0" ] && [ "$vif" != "eth1" ]
-    then
-      vif_list="$vif_list $vif";
-    fi
-  done
-  if [ "$vif_list" == "" ]
-  then
-      vif_list="eth0"
-  fi
-  
-  logger -t cloud "Loadbalancer public interfaces = $vif_list"
-  echo $vif_list
-}
-
-mflag=
-iflag=
-aflag=
-dflag=
-fflag=
-sflag=
-
-while getopts 'i:a:d:f:s:' OPTION
-do
-  case $OPTION in
-  i)	iflag=1
-		domRIp="$OPTARG"
-		;;
-  a)	aflag=1
-		addedIps="$OPTARG"
-		;;
-  d)	dflag=1
-		removedIps="$OPTARG"
-		;;
-  f)	fflag=1
-		cfgfile="$OPTARG"
-		;;
-
-  s)	sflag=1
-		statsIp="$OPTARG"
-		;;
-  ?)	usage
-                unlock_exit 2 $lock $locked
-		;;
-  esac
-done
-
-if [ "$addedIps" == "" ]
-then
-  addedIps="none"
-fi
-
-
-if [ "$removedIps" == "" ]
-then
-  removedIps="none"
-fi
-
-VIF_LIST=$(get_vif_list)
-
-
-if [ "$addedIps" == "" ]
-then
-  addedIps="none"
-fi
-
-if [ "$removedIps" == "" ]
-then
-  removedIps="none"
-fi
-
-#FIXME: make this explicit via check on vm type or passed in flag
-if [ "$VIF_LIST" == "eth0"  ]
-then
-   ip_entry $addedIps $removedIps
-fi
-
-# hot reconfigure haproxy
-reconfig_lb $cfgfile
-
-if [ $? -gt 0 ]
-then
-  logger -t cloud "Reconfiguring loadbalancer failed"
-  #FIXME: make this explicit via check on vm type or passed in flag
-  if [ "$VIF_LIST" == "eth0"  ]
-  then
-     ip_entry $removedIps $addedIps
-  fi
-  unlock_exit 1 $lock $locked
-fi
-
-# iptables entry to ensure that haproxy receives traffic
-fw_entry $addedIps $removedIps $statsIp
-  	
-if [ $? -gt 0 ]
-then
-  logger -t cloud "Failed to apply firewall rules for load balancing, reverting HA Proxy config"
-  # Restore the LB
-  restore_lb
-
-
-  logger -t cloud "Reverting firewall config"
-  # Revert iptables rules on DomR
-  fw_restore
-
-  #FIXME: make this explicit via check on vm type or passed in flag
-  if [ "$VIF_LIST" == "eth0"  ]
-  then
-     logger -t cloud "Reverting ip address changes to eth0"
-     ip_entry $removedIps $addedIps
-  fi
-
-  unlock_exit 1 $lock $locked
-else
-  # Remove backedup iptable rules
-  fw_remove_backup
-fi
- 
-unlock_exit 0 $lock $locked
-  	
-


Mime
View raw message