Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 47521200D4A for ; Tue, 28 Nov 2017 15:12:32 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 45AC4160C16; Tue, 28 Nov 2017 14:12:32 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 8ED3B160C07 for ; Tue, 28 Nov 2017 15:12:30 +0100 (CET) Received: (qmail 23035 invoked by uid 500); 28 Nov 2017 14:12:29 -0000 Mailing-List: contact commits-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list commits@cloudstack.apache.org Received: (qmail 23026 invoked by uid 99); 28 Nov 2017 14:12:29 -0000 Received: from ec2-52-202-80-70.compute-1.amazonaws.com (HELO gitbox.apache.org) (52.202.80.70) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 28 Nov 2017 14:12:29 +0000 Received: by gitbox.apache.org (ASF Mail Server at gitbox.apache.org, from userid 33) id 8BB0F84991; Tue, 28 Nov 2017 14:12:28 +0000 (UTC) Date: Tue, 28 Nov 2017 14:12:30 +0000 To: "commits@cloudstack.apache.org" Subject: [cloudstack] 03/03: wip- make redundant routers work again MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit From: bhaisaab@apache.org In-Reply-To: <151187834761.3855.5128150591317031489@gitbox.apache.org> References: <151187834761.3855.5128150591317031489@gitbox.apache.org> X-Git-Host: gitbox.apache.org X-Git-Repo: cloudstack X-Git-Refname: refs/heads/debian9-systemvmtemplate X-Git-Reftype: branch X-Git-Rev: 233fb7047c3d95d38284579af795d0fd1b769681 X-Git-NotificationType: diff X-Git-Multimail-Version: 1.5.dev Auto-Submitted: auto-generated Message-Id: <20171128141228.8BB0F84991@gitbox.apache.org> archived-at: Tue, 28 Nov 2017 14:12:32 -0000 This is an automated email from the ASF dual-hosted git repository. bhaisaab pushed a commit to branch debian9-systemvmtemplate in repository https://gitbox.apache.org/repos/asf/cloudstack.git commit 233fb7047c3d95d38284579af795d0fd1b769681 Author: Rohit Yadav AuthorDate: Sun Nov 26 13:32:33 2017 +0530 wip- make redundant routers work again fix blockers Signed-off-by: Rohit Yadav --- .../debian/config/opt/cloud/bin/configure.py | 6 +- .../debian/config/opt/cloud/bin/cs/CsRedundant.py | 133 ------- .../config/opt/cloud/bin/cs/CsStaticRoutes.py | 5 +- .../debian/config/opt/cloud/bin/setup/common.sh | 59 ++- .../opt/cloud/templates/checkrouter.sh.templ | 2 +- .../opt/cloud/templates/keepalived.conf.templ | 2 +- .../root/redundant_router/arping_gateways.sh.templ | 29 -- .../config/root/redundant_router/backup.sh.templ | 39 -- .../config/root/redundant_router/check_bumpup.sh | 19 - .../root/redundant_router/check_heartbeat.sh.templ | 60 --- .../root/redundant_router/checkrouter.sh.templ | 56 --- .../root/redundant_router/conntrackd.conf.templ | 401 --------------------- .../config/root/redundant_router/disable_pubip.sh | 23 -- .../root/redundant_router/enable_pubip.sh.templ | 50 --- .../config/root/redundant_router/fault.sh.templ | 37 -- .../root/redundant_router/heartbeat.sh.templ | 20 - .../root/redundant_router/keepalived.conf.templ | 57 --- .../config/root/redundant_router/master.sh.templ | 60 --- .../root/redundant_router/primary-backup.sh.templ | 126 ------- .../config/root/redundant_router/services.sh | 68 ---- 20 files changed, 31 insertions(+), 1221 deletions(-) diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py index 68d1c26..9a09f9b 100755 --- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py +++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py @@ -31,11 +31,10 @@ import os.path import os from fcntl import flock, LOCK_EX, LOCK_UN +import cs.CsHelper as CsHelper from cs.CsDatabag import CsDataBag, CsCmdLine -import cs.CsHelper from cs.CsNetfilter import CsNetfilters from cs.CsDhcp import CsDhcp -from cs.CsRedundant import * from cs.CsFile import CsFile from cs.CsApp import CsApache, CsDnsmasq from cs.CsMonitor import CsMonitor @@ -1063,9 +1062,6 @@ def main(argv): CsHelper.save_iptables("iptables-save", "/etc/iptables/router_rules.v4") CsHelper.save_iptables("ip6tables-save", "/etc/iptables/router_rules.v6") - red = CsRedundant(config) - red.set() - if process_file in ["cmd_line.json", "static_routes.json"]: logging.debug("Configuring static routes") static_routes = CsStaticRoutes("staticroutes", config) diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py index f8d2bc2..c0c13db 100755 --- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py +++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py @@ -64,139 +64,6 @@ class CsRedundant(object): self.address = config.address() self.config = config - def set(self): - logging.debug("Router redundancy status is %s", self.cl.is_redundant()) - if self.cl.is_redundant(): - self._redundant_on() - else: - self._redundant_off() - - def _redundant_off(self): - CsHelper.service("conntrackd", "stop") - CsHelper.service("keepalived", "stop") - CsHelper.umount_tmpfs(self.CS_RAMDISK_DIR) - CsHelper.rmdir(self.CS_RAMDISK_DIR) - CsHelper.rm(self.CONNTRACKD_CONF) - CsHelper.rm(self.KEEPALIVED_CONF) - - def _redundant_on(self): - guest = self.address.get_guest_if() - - # No redundancy if there is no guest network - if guest is None: - self.set_backup() - self._redundant_off() - return - - interfaces = [interface for interface in self.address.get_interfaces() if interface.is_guest()] - isDeviceReady = False - dev = '' - for interface in interfaces: - if dev == interface.get_device(): - continue - dev = interface.get_device() - logging.info("Wait for devices to be configured so we can start keepalived") - devConfigured = CsDevice(dev, self.config).waitfordevice() - if devConfigured: - command = "ip link show %s | grep 'state UP'" % dev - devUp = CsHelper.execute(command) - if devUp: - logging.info("Device %s is present, let's start keepalive now." % dev) - isDeviceReady = True - - if not isDeviceReady: - logging.info("Guest network not configured yet, let's stop router redundancy for now.") - CsHelper.service("conntrackd", "stop") - CsHelper.service("keepalived", "stop") - return - - CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False) - CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR) - CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False) - for s in self.CS_TEMPLATES: - d = s - if s.endswith(".templ"): - d = s.replace(".templ", "") - CsHelper.copy_if_needed( - "%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d)) - - CsHelper.copy_if_needed( - "%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF) - CsHelper.copy_if_needed( - "%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh") - - CsHelper.execute( - 'sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived') - # checkrouter.sh configuration - check_router = CsFile("/opt/cloud/bin/checkrouter.sh") - check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG) - check_router.commit() - - # keepalived configuration - keepalived_conf = CsFile(self.KEEPALIVED_CONF) - keepalived_conf.search( - " router_id ", " router_id %s" % self.cl.get_name()) - keepalived_conf.search( - " interface ", " interface %s" % guest.get_device()) - keepalived_conf.search( - " advert_int ", " advert_int %s" % self.cl.get_advert_int()) - - keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR) - keepalived_conf.section("authentication {", "}", [ - " auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()]) - keepalived_conf.section( - "virtual_ipaddress {", "}", self._collect_ips()) - - # conntrackd configuration - conntrackd_template_conf = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ") - conntrackd_temp_bkp = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ.bkp") - - CsHelper.copy(conntrackd_template_conf, conntrackd_temp_bkp) - - conntrackd_tmpl = CsFile(conntrackd_template_conf) - conntrackd_tmpl.section("Multicast {", "}", [ - "IPv4_address 225.0.0.50\n", - "Group 3780\n", - "IPv4_interface %s\n" % guest.get_ip(), - "Interface %s\n" % guest.get_device(), - "SndSocketBuffer 1249280\n", - "RcvSocketBuffer 1249280\n", - "Checksum on\n"]) - conntrackd_tmpl.section("Address Ignore {", "}", self._collect_ignore_ips()) - conntrackd_tmpl.commit() - - conntrackd_conf = CsFile(self.CONNTRACKD_CONF) - - is_equals = conntrackd_tmpl.compare(conntrackd_conf) - - force_keepalived_restart = False - proc = CsProcess(['/etc/conntrackd/conntrackd.conf']) - - if not proc.find() and not is_equals: - CsHelper.copy(conntrackd_template_conf, self.CONNTRACKD_CONF) - CsHelper.service("conntrackd", "restart") - force_keepalived_restart = True - - # Restore the template file and remove the backup. - CsHelper.copy(conntrackd_temp_bkp, conntrackd_template_conf) - CsHelper.execute("rm -rf %s" % conntrackd_temp_bkp) - - # Configure heartbeat cron job - runs every 30 seconds - heartbeat_cron = CsFile("/etc/cron.d/heartbeat") - heartbeat_cron.add("SHELL=/bin/bash", 0) - heartbeat_cron.add( - "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1) - heartbeat_cron.add( - "* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) - heartbeat_cron.add( - "* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1) - heartbeat_cron.commit() - - proc = CsProcess(['/usr/sbin/keepalived']) - if not proc.find() or keepalived_conf.is_changed() or force_keepalived_restart: - keepalived_conf.commit() - CsHelper.service("keepalived", "restart") - def release_lock(self): try: os.remove("/tmp/master_lock") diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsStaticRoutes.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsStaticRoutes.py index 57b259a..df98b2e 100755 --- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsStaticRoutes.py +++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsStaticRoutes.py @@ -17,8 +17,9 @@ # specific language governing permissions and limitations # under the License. +import logging +import CsHelper from CsDatabag import CsDataBag -from CsRedundant import * class CsStaticRoutes(CsDataBag): @@ -39,4 +40,4 @@ class CsStaticRoutes(CsDataBag): result = CsHelper.execute(command) if not result: route_command = "ip route add %s via %s" % (route['network'], route['gateway']) - CsHelper.execute(route_command) \ No newline at end of file + CsHelper.execute(route_command) diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/common.sh b/systemvm/patches/debian/config/opt/cloud/bin/setup/common.sh index 3b766ef..e476745 100755 --- a/systemvm/patches/debian/config/opt/cloud/bin/setup/common.sh +++ b/systemvm/patches/debian/config/opt/cloud/bin/setup/common.sh @@ -621,57 +621,48 @@ setup_redundant_router() { mount tmpfs /ramdisk -t tmpfs mkdir -p /ramdisk/rrouter ip route delete default - cp /root/redundant_router/keepalived.conf.templ /etc/keepalived/keepalived.conf - cp /root/redundant_router/conntrackd.conf.templ /etc/conntrackd/conntrackd.conf - cp /root/redundant_router/enable_pubip.sh.templ $rrouter_bin_path/enable_pubip.sh - cp /root/redundant_router/master.sh.templ $rrouter_bin_path/master.sh - cp /root/redundant_router/backup.sh.templ $rrouter_bin_path/backup.sh - cp /root/redundant_router/fault.sh.templ $rrouter_bin_path/fault.sh - cp /root/redundant_router/primary-backup.sh.templ $rrouter_bin_path/primary-backup.sh - cp /root/redundant_router/heartbeat.sh.templ $rrouter_bin_path/heartbeat.sh - cp /root/redundant_router/check_heartbeat.sh.templ $rrouter_bin_path/check_heartbeat.sh - cp /root/redundant_router/arping_gateways.sh.templ $rrouter_bin_path/arping_gateways.sh - cp /root/redundant_router/check_bumpup.sh $rrouter_bin_path/ - cp /root/redundant_router/disable_pubip.sh $rrouter_bin_path/ - cp /root/redundant_router/checkrouter.sh.templ /opt/cloud/bin/checkrouter.sh - cp /root/redundant_router/services.sh $rrouter_bin_path/ + + # Seed keepalived + cp /opt/cloud/templates/keepalived.conf.templ /etc/keepalived/keepalived.conf # changes! sed -i "s/\[ROUTER_ID\]/$NAME/g" /etc/keepalived/keepalived.conf - sed -i "s/\[ROUTER_IP\]/$GUEST_GW\/$GUEST_CIDR_SIZE/g" /etc/keepalived/keepalived.conf + sed -i "s/\[ROUTER_IP\]/$GUEST_GW\/$GUEST_CIDR_SIZE/g" /etc/keepalived/keepalived.conf #fixme, multiple ips? sed -i "s/\[BOARDCAST\]/$GUEST_BRD/g" /etc/keepalived/keepalived.conf sed -i "s/\[PRIORITY\]/$ROUTER_PR/g" /etc/keepalived/keepalived.conf + sed -i "s/\[PASS\]/$VM_PASSWORD/g" /etc/keepalived/keepalived.conf #FIXME, router password? sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" /etc/keepalived/keepalived.conf sed -i "s/\[DELTA\]/2/g" /etc/keepalived/keepalived.conf + sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived + if [ $ADVERT_INT ] + then + sed -i "s/advert_int 1/advert_int $ADVERT_INT/g" /etc/keepalived/keepalived.conf + fi + + # Seed conntrackd + cp /opt/cloud/templates/conntrackd.conf.templ /etc/conntrackd/conntrackd.conf sed -i "s/\[LINK_IF\]/eth0/g" /etc/conntrackd/conntrackd.conf sed -i "s/\[LINK_IP\]/$ETH0_IP/g" /etc/conntrackd/conntrackd.conf - sed -i "s/\[IGNORE_IP1\]/$GUEST_GW/g" /etc/conntrackd/conntrackd.conf + sed -i "s/\[IGNORE_IP1\]/$GUEST_GW/g" /etc/conntrackd/conntrackd.conf # checkme? sed -i "s/\[IGNORE_IP2\]/$ETH0_IP/g" /etc/conntrackd/conntrackd.conf sed -i "s/\[IGNORE_IP3\]/$ETH1_IP/g" /etc/conntrackd/conntrackd.conf - sed -i "s/\[ETH2IP\]/$ETH2_IP/g" $rrouter_bin_path/enable_pubip.sh - sed -i "s/\[ETH2MASK\]/$ETH2_MASK/g" $rrouter_bin_path/enable_pubip.sh - sed -i "s/\[GATEWAY\]/$GW/g" $rrouter_bin_path/enable_pubip.sh - sed -i "s/\[GATEWAY\]/$GW/g" $rrouter_bin_path/master.sh - sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/master.sh - sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/backup.sh - sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/fault.sh + + # ramdisk scripts + cp /opt/cloud/templates/heartbeat.sh.templ $rrouter_bin_path/heartbeat.sh + cp /opt/cloud/templates/check_heartbeat.sh.templ $rrouter_bin_path/check_heartbeat.sh + cp /opt/cloud/templates/arping_gateways.sh.templ $rrouter_bin_path/arping_gateways.sh + cp /opt/cloud/templates/check_bumpup.sh $rrouter_bin_path/ + cp /opt/cloud/templates/checkrouter.sh.templ /opt/cloud/bin/checkrouter.sh # changes! + #sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" /opt/cloud/bin/checkrouter.sh + sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/heartbeat.sh sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/check_heartbeat.sh - sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/master.sh - sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/backup.sh - sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/fault.sh - sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/primary-backup.sh sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/check_heartbeat.sh sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/arping_gateways.sh - sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" /opt/cloud/bin/checkrouter.sh - if [ $ADVERT_INT ] - then - sed -i "s/advert_int 1/advert_int $ADVERT_INT/g" /etc/keepalived/keepalived.conf - fi chmod a+x $rrouter_bin_path/*.sh - sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived + crontab -l|grep "check_heartbeat.sh" if [ $? -ne 0 ] then - (crontab -l; echo -e "SHELL=/bin/bash\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n*/1 * * * * $rrouter_bin_path/check_heartbeat.sh 2>&1 > /dev/null") | crontab + (crontab -l; echo -e "SHELL=/bin/bash\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n* * * * * $rrouter_bin_path/check_heartbeat.sh 2>&1 > /dev/null") | crontab fi } diff --git a/systemvm/patches/debian/config/opt/cloud/templates/checkrouter.sh.templ b/systemvm/patches/debian/config/opt/cloud/templates/checkrouter.sh.templ index 0ba0ee5..fcfc58d 100755 --- a/systemvm/patches/debian/config/opt/cloud/templates/checkrouter.sh.templ +++ b/systemvm/patches/debian/config/opt/cloud/templates/checkrouter.sh.templ @@ -34,4 +34,4 @@ else fi fi -echo "Status: ${STATUS}" \ No newline at end of file +echo "Status: ${STATUS}" diff --git a/systemvm/patches/debian/config/opt/cloud/templates/keepalived.conf.templ b/systemvm/patches/debian/config/opt/cloud/templates/keepalived.conf.templ index c843939..d14611d 100644 --- a/systemvm/patches/debian/config/opt/cloud/templates/keepalived.conf.templ +++ b/systemvm/patches/debian/config/opt/cloud/templates/keepalived.conf.templ @@ -48,4 +48,4 @@ vrrp_instance inside_network { notify_backup "/opt/cloud/bin/master.py --backup" notify_master "/opt/cloud/bin/master.py --master" notify_fault "/opt/cloud/bin/master.py --fault" -} \ No newline at end of file +} diff --git a/systemvm/patches/debian/config/root/redundant_router/arping_gateways.sh.templ b/systemvm/patches/debian/config/root/redundant_router/arping_gateways.sh.templ deleted file mode 100644 index 931c959..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/arping_gateways.sh.templ +++ /dev/null @@ -1,29 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -ip link|grep BROADCAST|grep -v eth0|grep -v eth1|cut -d ":" -f 2 > /tmp/iflist -while read i -do - ip addr show $i|grep "inet " > /tmp/iplist_$i - while read line - do - ip=`echo $line|cut -d " " -f 2|cut -d "/" -f 1` - arping -I $i -A $ip -c 1 >> [RROUTER_LOG] 2>&1 - arping -I $i -A $ip -c 1 >> [RROUTER_LOG] 2>&1 - done < /tmp/iplist_$i -done < /tmp/iflist -sleep 1 diff --git a/systemvm/patches/debian/config/root/redundant_router/backup.sh.templ b/systemvm/patches/debian/config/root/redundant_router/backup.sh.templ deleted file mode 100644 index 32c811b..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/backup.sh.templ +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -sleep 1 - -source /root/func.sh - -lock="biglock" -locked=$(getLockFile $lock) -if [ "$locked" != "1" ] -then - exit 1 -fi - -echo To backup called >> [RROUTER_LOG] -[RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1 -echo Disable public ip $? >> [RROUTER_LOG] -[RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1 -[RROUTER_BIN_PATH]/primary-backup.sh backup >> [RROUTER_LOG] 2>&1 -echo Switch conntrackd mode backup $? >> [RROUTER_LOG] -echo Status: BACKUP >> [RROUTER_LOG] - -releaseLockFile $lock $locked -exit 0 diff --git a/systemvm/patches/debian/config/root/redundant_router/check_bumpup.sh b/systemvm/patches/debian/config/root/redundant_router/check_bumpup.sh deleted file mode 100644 index 7682bad..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/check_bumpup.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -cat /tmp/rrouter_bumped diff --git a/systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ b/systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ deleted file mode 100755 index 4253b29..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/bash -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -ROUTER_BIN_PATH=/ramdisk/rrouter -STRIKE_FILE="$ROUTER_BIN_PATH/keepalived.strikes" - -if [ -e [RROUTER_BIN_PATH]/keepalived.ts2 ] -then - lasttime=$(cat [RROUTER_BIN_PATH]/keepalived.ts2) - thistime=$(cat [RROUTER_BIN_PATH]/keepalived.ts) - diff=$(($thistime - $lasttime)) - s=0 - if [ $diff -lt 30 ] - then - if [ -e $STRIKE_FILE ] - then - s=`cat $STRIKE_FILE 2>/dev/null` - fi - s=$(($s+1)) - echo $s > $STRIKE_FILE - else - if [ -e $STRIKE_FILE ] - then - rm $STRIKE_FILE - else - echo keepalived.strikes file does not exist! >> $ROUTER_LOG - fi - fi - #3 strikes rule - if [ $s -gt 2 ] - then - echo Keepalived process is dead! >> [RROUTER_LOG] - [RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1 - [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1 - [RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1 - service keepalived stop >> [RROUTER_LOG] 2>&1 - service conntrackd stop >> [RROUTER_LOG] 2>&1 - pkill -9 keepalived >> [RROUTER_LOG] 2>&1 - pkill -9 conntrackd >> [RROUTER_LOG] 2>&1 - echo Status: FAULT \(keepalived process is dead\) >> [RROUTER_LOG] - exit - fi -fi - -cp [RROUTER_BIN_PATH]/keepalived.ts [RROUTER_BIN_PATH]/keepalived.ts2 diff --git a/systemvm/patches/debian/config/root/redundant_router/checkrouter.sh.templ b/systemvm/patches/debian/config/root/redundant_router/checkrouter.sh.templ deleted file mode 100755 index fbf4f0f..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/checkrouter.sh.templ +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/bash -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - - -source /root/func.sh - -nolock=0 -if [ $# -eq 1 ] -then - if [ $1 == "--no-lock" ] - then - nolock=1 - fi -fi - -if [ $nolock -eq 0 ] -then - lock="biglock" - locked=$(getLockFile $lock) - if [ "$locked" != "1" ] - then - exit 1 - fi -fi - -bumped="Bumped: NO" -if [ -e /tmp/rrouter_bumped ] -then - bumped="Bumped: YES" -fi - -stat=`tail -n 1 [RROUTER_LOG] | grep "Status"` -if [ $? -eq 0 ] -then - echo "$stat&$bumped" -fi - -if [ $nolock -eq 0 ] -then - unlock_exit $? $lock $locked -fi diff --git a/systemvm/patches/debian/config/root/redundant_router/conntrackd.conf.templ b/systemvm/patches/debian/config/root/redundant_router/conntrackd.conf.templ deleted file mode 100644 index 091de10..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/conntrackd.conf.templ +++ /dev/null @@ -1,401 +0,0 @@ -# -# Synchronizer settings -# -Sync { - Mode FTFW { - # - # Size of the resend queue (in objects). This is the maximum - # number of objects that can be stored waiting to be confirmed - # via acknoledgment. If you keep this value low, the daemon - # will have less chances to recover state-changes under message - # omission. On the other hand, if you keep this value high, - # the daemon will consume more memory to store dead objects. - # Default is 131072 objects. - # - # ResendQueueSize 131072 - - # - # This parameter allows you to set an initial fixed timeout - # for the committed entries when this node goes from backup - # to primary. This mechanism provides a way to purge entries - # that were not recovered appropriately after the specified - # fixed timeout. If you set a low value, TCP entries in - # Established states with no traffic may hang. For example, - # an SSH connection without KeepAlive enabled. If not set, - # the daemon uses an approximate timeout value calculation - # mechanism. By default, this option is not set. - # - # CommitTimeout 180 - - # - # If the firewall replica goes from primary to backup, - # the conntrackd -t command is invoked in the script. - # This command schedules a flush of the table in N seconds. - # This is useful to purge the connection tracking table of - # zombie entries and avoid clashes with old entries if you - # trigger several consecutive hand-overs. Default is 60 seconds. - # - # PurgeTimeout 60 - - # Set the acknowledgement window size. If you decrease this - # value, the number of acknowlegdments increases. More - # acknowledgments means more overhead as conntrackd has to - # handle more control messages. On the other hand, if you - # increase this value, the resend queue gets more populated. - # This results in more overhead in the queue releasing. - # The following value is based on some practical experiments - # measuring the cycles spent by the acknowledgment handling - # with oprofile. If not set, default window size is 300. - # - # ACKWindowSize 300 - - # - # This clause allows you to disable the external cache. Thus, - # the state entries are directly injected into the kernel - # conntrack table. As a result, you save memory in user-space - # but you consume slots in the kernel conntrack table for - # backup state entries. Moreover, disabling the external cache - # means more CPU consumption. You need a Linux kernel - # >= 2.6.29 to use this feature. By default, this clause is - # set off. If you are installing conntrackd for first time, - # please read the user manual and I encourage you to consider - # using the fail-over scripts instead of enabling this option! - # - # DisableExternalCache Off - } - - # - # Multicast IP and interface where messages are - # broadcasted (dedicated link). IMPORTANT: Make sure - # that iptables accepts traffic for destination - # 225.0.0.50, eg: - # - # iptables -I INPUT -d 225.0.0.50 -j ACCEPT - # iptables -I OUTPUT -d 225.0.0.50 -j ACCEPT - # - Multicast { - # - # Multicast address: The address that you use as destination - # in the synchronization messages. You do not have to add - # this IP to any of your existing interfaces. If any doubt, - # do not modify this value. - # - IPv4_address 225.0.0.50 - - # - # The multicast group that identifies the cluster. If any - # doubt, do not modify this value. - # - Group 3780 - - # - # IP address of the interface that you are going to use to - # send the synchronization messages. Remember that you must - # use a dedicated link for the synchronization messages. - # - IPv4_interface [LINK_IP] - - # - # The name of the interface that you are going to use to - # send the synchronization messages. - # - Interface [LINK_IF] - - # The multicast sender uses a buffer to enqueue the packets - # that are going to be transmitted. The default size of this - # socket buffer is available at /proc/sys/net/core/wmem_default. - # This value determines the chances to have an overrun in the - # sender queue. The overrun results packet loss, thus, losing - # state information that would have to be retransmitted. If you - # notice some packet loss, you may want to increase the size - # of the sender buffer. The default size is usually around - # ~100 KBytes which is fairly small for busy firewalls. - # - SndSocketBuffer 1249280 - - # The multicast receiver uses a buffer to enqueue the packets - # that the socket is pending to handle. The default size of this - # socket buffer is available at /proc/sys/net/core/rmem_default. - # This value determines the chances to have an overrun in the - # receiver queue. The overrun results packet loss, thus, losing - # state information that would have to be retransmitted. If you - # notice some packet loss, you may want to increase the size of - # the receiver buffer. The default size is usually around - # ~100 KBytes which is fairly small for busy firewalls. - # - RcvSocketBuffer 1249280 - - # - # Enable/Disable message checksumming. This is a good - # property to achieve fault-tolerance. In case of doubt, do - # not modify this value. - # - Checksum on - } - # - # You can specify more than one dedicated link. Thus, if one dedicated - # link fails, conntrackd can fail-over to another. Note that adding - # more than one dedicated link does not mean that state-updates will - # be sent to all of them. There is only one active dedicated link at - # a given moment. The `Default' keyword indicates that this interface - # will be selected as the initial dedicated link. You can have - # up to 4 redundant dedicated links. Note: Use different multicast - # groups for every redundant link. - # - # Multicast Default { - # IPv4_address 225.0.0.51 - # Group 3781 - # IPv4_interface 192.168.100.101 - # Interface eth3 - # # SndSocketBuffer 1249280 - # # RcvSocketBuffer 1249280 - # Checksum on - # } - - # - # You can use Unicast UDP instead of Multicast to propagate events. - # Note that you cannot use unicast UDP and Multicast at the same - # time, you can only select one. - # - # UDP { - # - # UDP address that this firewall uses to listen to events. - # - # IPv4_address 192.168.2.100 - # - # or you may want to use an IPv6 address: - # - # IPv6_address fe80::215:58ff:fe28:5a27 - - # - # Destination UDP address that receives events, ie. the other - # firewall's dedicated link address. - # - # IPv4_Destination_Address 192.168.2.101 - # - # or you may want to use an IPv6 address: - # - # IPv6_Destination_Address fe80::2d0:59ff:fe2a:775c - - # - # UDP port used - # - # Port 3780 - - # - # The name of the interface that you are going to use to - # send the synchronization messages. - # - # Interface eth2 - - # - # The sender socket buffer size - # - # SndSocketBuffer 1249280 - - # - # The receiver socket buffer size - # - # RcvSocketBuffer 1249280 - - # - # Enable/Disable message checksumming. - # - # Checksum on - # } - -} - -# -# General settings -# -General { - # - # Set the nice value of the daemon, this value goes from -20 - # (most favorable scheduling) to 19 (least favorable). Using a - # very low value reduces the chances to lose state-change events. - # Default is 0 but this example file sets it to most favourable - # scheduling as this is generally a good idea. See man nice(1) for - # more information. - # - Nice -20 - - # - # Select a different scheduler for the daemon, you can select between - # RR and FIFO and the process priority (minimum is 0, maximum is 99). - # See man sched_setscheduler(2) for more information. Using a RT - # scheduler reduces the chances to overrun the Netlink buffer. - # - # Scheduler { - # Type FIFO - # Priority 99 - # } - - # - # Number of buckets in the cache hashtable. The bigger it is, - # the closer it gets to O(1) at the cost of consuming more memory. - # Read some documents about tuning hashtables for further reference. - # - HashSize 32768 - - # - # Maximum number of conntracks, it should be double of: - # $ cat /proc/sys/net/netfilter/nf_conntrack_max - # since the daemon may keep some dead entries cached for possible - # retransmission during state synchronization. - # - HashLimit 131072 - - # - # Logfile: on (/var/log/conntrackd.log), off, or a filename - # Default: off - # - LogFile on - - # - # Syslog: on, off or a facility name (daemon (default) or local0..7) - # Default: off - # - #Syslog on - - # - # Lockfile - # - LockFile /var/lock/conntrack.lock - - # - # Unix socket configuration - # - UNIX { - Path /var/run/conntrackd.ctl - Backlog 20 - } - - # - # Netlink event socket buffer size. If you do not specify this clause, - # the default buffer size value in /proc/net/core/rmem_default is - # used. This default value is usually around 100 Kbytes which is - # fairly small for busy firewalls. This leads to event message dropping - # and high CPU consumption. This example configuration file sets the - # size to 2 MBytes to avoid this sort of problems. - # - NetlinkBufferSize 2097152 - - # - # The daemon doubles the size of the netlink event socket buffer size - # if it detects netlink event message dropping. This clause sets the - # maximum buffer size growth that can be reached. This example file - # sets the size to 8 MBytes. - # - NetlinkBufferSizeMaxGrowth 8388608 - - # - # If the daemon detects that Netlink is dropping state-change events, - # it automatically schedules a resynchronization against the Kernel - # after 30 seconds (default value). Resynchronizations are expensive - # in terms of CPU consumption since the daemon has to get the full - # kernel state-table and purge state-entries that do not exist anymore. - # Be careful of setting a very small value here. You have the following - # choices: On (enabled, use default 30 seconds value), Off (disabled) - # or Value (in seconds, to set a specific amount of time). If not - # specified, the daemon assumes that this option is enabled. - # - # NetlinkOverrunResync On - - # - # If you want reliable event reporting over Netlink, set on this - # option. If you set on this clause, it is a good idea to set off - # NetlinkOverrunResync. This option is off by default and you need - # a Linux kernel >= 2.6.31. - # - # NetlinkEventsReliable Off - - # - # By default, the daemon receives state updates following an - # event-driven model. You can modify this behaviour by switching to - # polling mode with the PollSecs clause. This clause tells conntrackd - # to dump the states in the kernel every N seconds. With regards to - # synchronization mode, the polling mode can only guarantee that - # long-lifetime states are recovered. The main advantage of this method - # is the reduction in the state replication at the cost of reducing the - # chances of recovering connections. - # - # PollSecs 15 - - # - # The daemon prioritizes the handling of state-change events coming - # from the core. With this clause, you can set the maximum number of - # state-change events (those coming from kernel-space) that the daemon - # will handle after which it will handle other events coming from the - # network or userspace. A low value improves interactivity (in terms of - # real-time behaviour) at the cost of extra CPU consumption. - # Default (if not set) is 100. - # - # EventIterationLimit 100 - - # - # Event filtering: This clause allows you to filter certain traffic, - # There are currently three filter-sets: Protocol, Address and - # State. The filter is attached to an action that can be: Accept or - # Ignore. Thus, you can define the event filtering policy of the - # filter-sets in positive or negative logic depending on your needs. - # You can select if conntrackd filters the event messages from - # user-space or kernel-space. The kernel-space event filtering - # saves some CPU cycles by avoiding the copy of the event message - # from kernel-space to user-space. The kernel-space event filtering - # is prefered, however, you require a Linux kernel >= 2.6.29 to - # filter from kernel-space. If you want to select kernel-space - # event filtering, use the keyword 'Kernelspace' instead of - # 'Userspace'. - # - Filter From Userspace { - # - # Accept only certain protocols: You may want to replicate - # the state of flows depending on their layer 4 protocol. - # - Protocol Accept { - TCP - SCTP - DCCP - # UDP - # ICMP # This requires a Linux kernel >= 2.6.31 - } - - # - # Ignore traffic for a certain set of IP's: Usually all the - # IP assigned to the firewall since local traffic must be - # ignored, only forwarded connections are worth to replicate. - # Note that these values depends on the local IPs that are - # assigned to the firewall. - # - Address Ignore { - IPv4_address 127.0.0.1 # loopback - IPv4_address [IGNORE_IP1] - IPv4_address [IGNORE_IP2] - IPv4_address [IGNORE_IP3] - #IPv4_address 192.168.0.100 # virtual IP 1 - #IPv4_address 192.168.1.100 # virtual IP 2 - #IPv4_address 192.168.0.1 - #IPv4_address 192.168.1.1 - #IPv4_address 192.168.100.100 # dedicated link ip - # - # You can also specify networks in format IP/cidr. - # IPv4_address 192.168.0.0/24 - # - # You can also specify an IPv6 address - # IPv6_address ::1 - } - - # - # Uncomment this line below if you want to filter by flow state. - # This option introduces a trade-off in the replication: it - # reduces CPU consumption at the cost of having lazy backup - # firewall replicas. The existing TCP states are: SYN_SENT, - # SYN_RECV, ESTABLISHED, FIN_WAIT, CLOSE_WAIT, LAST_ACK, - # TIME_WAIT, CLOSED, LISTEN. - # - # State Accept { - # ESTABLISHED CLOSED TIME_WAIT CLOSE_WAIT for TCP - # } - } -} diff --git a/systemvm/patches/debian/config/root/redundant_router/disable_pubip.sh b/systemvm/patches/debian/config/root/redundant_router/disable_pubip.sh deleted file mode 100644 index ee4e894..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/disable_pubip.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -ip link|grep BROADCAST|grep -v eth0|grep -v eth1|cut -d ":" -f 2 > /tmp/iflist -while read i -do - ifconfig $i down -done < /tmp/iflist diff --git a/systemvm/patches/debian/config/root/redundant_router/enable_pubip.sh.templ b/systemvm/patches/debian/config/root/redundant_router/enable_pubip.sh.templ deleted file mode 100644 index a59cd66..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/enable_pubip.sh.templ +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/bash -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -ip link|grep BROADCAST|grep -v eth0|grep -v eth1|cut -d ":" -f 2 > /tmp/iflist -ip addr show eth2 | grep "inet" 2>&1 > /dev/null -is_init=$? - -set -e - -while read i -do - # if eth2'ip has already been configured, we would use ifconfig rather than ifdown/ifup - if [ "$i" == "eth2" -a "$is_init" != "0" ] - then - ifdown $i - ifup $i - else - ifconfig $i down - ifconfig $i up - fi -done < /tmp/iflist -ip route add default via [GATEWAY] dev eth2 - -while read line -do -dev=$(echo $line | awk '{print $1'}) -gw=$(echo $line | awk '{print $2'}) - -if [ "$dev" == "eth2" ] -then - continue; -fi -ip route add default via $gw table Table_$dev proto static - -done < /var/cache/cloud/ifaceGwIp diff --git a/systemvm/patches/debian/config/root/redundant_router/fault.sh.templ b/systemvm/patches/debian/config/root/redundant_router/fault.sh.templ deleted file mode 100644 index c008a9c..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/fault.sh.templ +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -source /root/func.sh - -lock="biglock" -locked=$(getLockFile $lock) -if [ "$locked" != "1" ] -then - exit 1 -fi - -echo To fault called >> [RROUTER_LOG] -[RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1 -echo Disable public ip >> [RROUTER_LOG] -[RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1 -echo Stop services $? >> [RROUTER_LOG] -[RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1 -echo Switch conntrackd mode fault $? >> [RROUTER_LOG] -echo Status: FAULT >> [RROUTER_LOG] - -releaseLockFile $lock $locked diff --git a/systemvm/patches/debian/config/root/redundant_router/heartbeat.sh.templ b/systemvm/patches/debian/config/root/redundant_router/heartbeat.sh.templ deleted file mode 100755 index e064c1a..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/heartbeat.sh.templ +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -t=$(date +%s) -echo $t > [RROUTER_BIN_PATH]/keepalived.ts diff --git a/systemvm/patches/debian/config/root/redundant_router/keepalived.conf.templ b/systemvm/patches/debian/config/root/redundant_router/keepalived.conf.templ deleted file mode 100644 index a4969a5..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/keepalived.conf.templ +++ /dev/null @@ -1,57 +0,0 @@ -! Licensed to the Apache Software Foundation (ASF) under one -! or more contributor license agreements. See the NOTICE file -! distributed with this work for additional information -! regarding copyright ownership. The ASF licenses this file -! to you under the Apache License, Version 2.0 (the -! "License"); you may not use this file except in compliance -! with the License. You may obtain a copy of the License at -! -! http://www.apache.org/licenses/LICENSE-2.0 -! -! Unless required by applicable law or agreed to in writing, -! software distributed under the License is distributed on an -! "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -! KIND, either express or implied. See the License for the -! specific language governing permissions and limitations -! under the License. - -global_defs { - router_id [ROUTER_ID] -} - -vrrp_script check_bumpup { - script "[RROUTER_BIN_PATH]/check_bumpup.sh" - interval 5 - weight [DELTA] -} - -vrrp_script heartbeat { - script "[RROUTER_BIN_PATH]/heartbeat.sh" - interval 10 -} - -vrrp_instance inside_network { - state BACKUP - interface eth0 - virtual_router_id 51 - priority [PRIORITY] - - advert_int 1 - authentication { - auth_type PASS - auth_pass WORD - } - - virtual_ipaddress { - [ROUTER_IP] brd [BOARDCAST] dev eth0 - } - - track_script { - check_bumpup - heartbeat - } - - notify_master "[RROUTER_BIN_PATH]/master.sh" - notify_backup "[RROUTER_BIN_PATH]/backup.sh" - notify_fault "[RROUTER_BIN_PATH]/fault.sh" -} diff --git a/systemvm/patches/debian/config/root/redundant_router/master.sh.templ b/systemvm/patches/debian/config/root/redundant_router/master.sh.templ deleted file mode 100644 index 11ca628..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/master.sh.templ +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/bash -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -source /root/func.sh - -lock="biglock" -locked=$(getLockFile $lock) -if [ "$locked" != "1" ] -then - exit 1 -fi - -echo To master called >> [RROUTER_LOG] -[RROUTER_BIN_PATH]/enable_pubip.sh >> [RROUTER_LOG] 2>&1 -ret=$? -if [ $ret -eq 0 ] -then - [RROUTER_BIN_PATH]/services.sh restart >> [RROUTER_LOG] 2>&1 - ret=$? -fi -last_msg=`tail -n 1 [RROUTER_LOG]` -echo Enable public ip returned $ret >> [RROUTER_LOG] -if [ $ret -ne 0 ] -then - echo Fail to enable public ip! >> [RROUTER_LOG] - [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1 - [RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1 - service keepalived stop >> [RROUTER_LOG] 2>&1 - service conntrackd stop >> [RROUTER_LOG] 2>&1 - echo Status: FAULT \($last_msg\) >> [RROUTER_LOG] - releaseLockFile $lock $locked - exit -fi -[RROUTER_BIN_PATH]/primary-backup.sh primary >> [RROUTER_LOG] 2>&1 -ret=$? -echo Switch conntrackd mode primary returned $ret >> [RROUTER_LOG] -if [ $ret -ne 0 ] -then - echo Fail to switch conntrackd mode, but try to continue working >> [RROUTER_LOG] -fi -[RROUTER_BIN_PATH]/arping_gateways.sh -echo Status: MASTER >> [RROUTER_LOG] - -releaseLockFile $lock $locked -exit 0 diff --git a/systemvm/patches/debian/config/root/redundant_router/primary-backup.sh.templ b/systemvm/patches/debian/config/root/redundant_router/primary-backup.sh.templ deleted file mode 100644 index 4eb9eaf..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/primary-backup.sh.templ +++ /dev/null @@ -1,126 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -CONNTRACKD_BIN=/usr/sbin/conntrackd -CONNTRACKD_LOCK=/var/lock/conntrack.lock -CONNTRACKD_CONFIG=/etc/conntrackd/conntrackd.conf -CONNTRACKD_LOG=[RROUTER_LOG] - -case "$1" in - primary) - # - # commit the external cache into the kernel table - # - $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -c - if [ $? -eq 1 ] - then - logger "ERROR: failed to invoke conntrackd -c" - fi - - # - # flush the internal and the external caches - # - $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -f - if [ $? -eq 1 ] - then - logger "ERROR: failed to invoke conntrackd -f" - fi - - # - # resynchronize my internal cache to the kernel table - # - $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -R - if [ $? -eq 1 ] - then - logger "ERROR: failed to invoke conntrackd -R" - fi - - # - # send a bulk update to backups - # - $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -B - if [ $? -eq 1 ] - then - logger "ERROR: failed to invoke conntrackd -B" - fi - echo Conntrackd switch to primary done >> $CONNTRACKD_LOG - ;; - backup) - # - # is conntrackd running? request some statistics to check it - # - $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -s - if [ $? -eq 1 ] - then - # - # something's wrong, do we have a lock file? - # - if [ -f $CONNTRACKD_LOCK ] - then - logger "WARNING: conntrackd was not cleanly stopped." - logger "If you suspect that it has crashed:" - logger "1) Enable coredumps" - logger "2) Try to reproduce the problem" - logger "3) Post the coredump to netfilter-devel@vger.kernel.org" - rm -f $CONNTRACKD_LOCK - fi - $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -d - if [ $? -eq 1 ] - then - logger "ERROR: cannot launch conntrackd" - exit 1 - fi - fi - # - # shorten kernel conntrack timers to remove the zombie entries. - # - $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -t - if [ $? -eq 1 ] - then - logger "ERROR: failed to invoke conntrackd -t" - fi - - # - # request resynchronization with master firewall replica (if any) - # Note: this does nothing in the alarm approach. - # - $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -n - if [ $? -eq 1 ] - then - logger "ERROR: failed to invoke conntrackd -n" - fi - echo Conntrackd switch to backup done >> $CONNTRACKD_LOG - ;; - fault) - # - # shorten kernel conntrack timers to remove the zombie entries. - # - $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -t - if [ $? -eq 1 ] - then - logger "ERROR: failed to invoke conntrackd -t" - fi - echo Conntrackd switch to fault done >> $CONNTRACKD_LOG - ;; - *) - logger "conntrackd: ERROR: unknown state transition: " $1 - echo "Usage: primary-backup.sh {primary|backup|fault}" - exit 1 - ;; -esac - -exit 0 diff --git a/systemvm/patches/debian/config/root/redundant_router/services.sh b/systemvm/patches/debian/config/root/redundant_router/services.sh deleted file mode 100644 index b7ebeed..0000000 --- a/systemvm/patches/debian/config/root/redundant_router/services.sh +++ /dev/null @@ -1,68 +0,0 @@ -#!/bin/bash -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -vpn_service() { - ps aux|grep ipsec | grep -v grep > /dev/null - no_vpn=$? - if [ $no_vpn -eq 1 ] - then - return 0 - fi - r=0 - case "$1" in - stop) - service ipsec stop && \ - service xl2tpd stop - r=$? - ;; - restart) - service ipsec restart && \ - service xl2tpd restart - r=$? - ;; - esac - return $r -} - -ret=0 -case "$1" in - start) - vpn_service restart && \ - service cloud-passwd-srvr start && \ - service dnsmasq start - ret=$? - ;; - stop) - vpn_service stop && \ - service cloud-passwd-srvr stop && \ - service dnsmasq stop - ret=$? - ;; - restart) - vpn_service restart && \ - service cloud-passwd-srvr restart && \ - service dnsmasq restart - ret=$? - ;; - *) - echo "Usage: services {start|stop|restart}" - exit 1 - ;; -esac - -exit $ret -- To stop receiving notification emails like this one, please contact "commits@cloudstack.apache.org" .