cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject [4/9] git commit: updated refs/heads/master to 2ce5a0c
Date Wed, 14 Oct 2015 16:32:08 GMT
CLOUDSTACK-8947 - Open the input chain to IP when loadbalancer is configured

   - Also remove the chain rule when it is removed.


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/052c0dc4
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/052c0dc4
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/052c0dc4

Branch: refs/heads/master
Commit: 052c0dc4c92ee2f586daa600051f7365176f675f
Parents: cbd6464
Author: Wilder Rodrigues <wrodrigues@schubergphilis.com>
Authored: Tue Oct 13 12:28:48 2015 +0200
Committer: Wilder Rodrigues <wrodrigues@schubergphilis.com>
Committed: Wed Oct 14 07:44:38 2015 +0200

----------------------------------------------------------------------
 .../config/opt/cloud/bin/cs/CsLoadBalancer.py   | 21 +++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/052c0dc4/systemvm/patches/debian/config/opt/cloud/bin/cs/CsLoadBalancer.py
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsLoadBalancer.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsLoadBalancer.py
index 4199d70..4dce95f 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsLoadBalancer.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsLoadBalancer.py
@@ -27,7 +27,7 @@ HAPROXY_CONF_P = "/etc/haproxy/haproxy.cfg"
 
 
 class CsLoadBalancer(CsDataBag):
-    """ Manage dhcp entries """
+    """ Manage Load Balance entries """
 
     def process(self):
         if "config" not in self.dbag.keys():
@@ -44,3 +44,22 @@ class CsLoadBalancer(CsDataBag):
             file1.commit()
             shutil.copy2(HAPROXY_CONF_T, HAPROXY_CONF_P)
             CsHelper.service("haproxy", "restart")
+        
+        add_rules = self.dbag['config'][0]['add_rules']
+        remove_rules = self.dbag['config'][0]['remove_rules']
+        self._configure_firewall(add_rules, remove_rules)
+
+    def _configure_firewall(self, add_rules, remove_rules):
+        firewall = self.fw
+        
+        for rules in add_rules:
+            path = rules.split(':')
+            ip = path[0]
+            port = path[1]
+            fw.append(["filter", "", "-A INPUT -p tcp -m tcp -d %s --dport %s -m state --state
NEW -j ACCEPT" % (ip, port)])
+
+        for rules in remove_rules:
+            path = rules.split(':')
+            ip = path[0]
+            port = path[1]
+            fw.append(["filter", "", "-D INPUT -p tcp -m tcp -d %s --dport %s -m state --state
NEW -j ACCEPT" % (ip, port)])


Mime
View raw message