mirror of
https://github.com/apache/cloudstack.git
synced 2025-10-26 08:42:29 +01:00
pep8 cleanup
This commit is contained in:
Michael Andersen
parent
82df5b156b
commit
bb93a61ee7
@ -100,21 +100,29 @@ class CsAddress(CsDataBag):
|
||||
if dev == "id":
|
||||
continue
|
||||
ip = CsIP(dev, self.config)
|
||||
|
||||
for address in self.dbag[dev]:
|
||||
if not address["nw_type"] == "control":
|
||||
CsRoute(dev).add(address)
|
||||
ip.setAddress(address)
|
||||
|
||||
if ip.configured():
|
||||
logging.info("Address %s on device %s already configured", ip.ip(), dev)
|
||||
logging.info(
|
||||
"Address %s on device %s already configured", ip.ip(), dev)
|
||||
|
||||
ip.post_configure()
|
||||
|
||||
else:
|
||||
logging.info("Address %s on device %s not configured", ip.ip(), dev)
|
||||
logging.info(
|
||||
"Address %s on device %s not configured", ip.ip(), dev)
|
||||
if CsDevice(dev, self.config).waitfordevice():
|
||||
ip.configure()
|
||||
|
||||
|
||||
class CsInterface:
|
||||
|
||||
""" Hold one single ip """
|
||||
|
||||
def __init__(self, o, config):
|
||||
self.address = o
|
||||
self.config = config
|
||||
@ -189,7 +197,9 @@ class CsInterface:
|
||||
|
||||
|
||||
class CsDevice:
|
||||
|
||||
""" Configure Network Devices """
|
||||
|
||||
def __init__(self, dev, config):
|
||||
self.devlist = []
|
||||
self.dev = dev
|
||||
@ -229,7 +239,8 @@ class CsDevice:
|
||||
time.sleep(1)
|
||||
count += 1
|
||||
self.buildlist()
|
||||
logging.error("Device %s cannot be configured - device was not found", self.dev)
|
||||
logging.error(
|
||||
"Device %s cannot be configured - device was not found", self.dev)
|
||||
return False
|
||||
|
||||
def list(self):
|
||||
@ -255,7 +266,8 @@ class CsIP:
|
||||
return self.address
|
||||
|
||||
def configure(self):
|
||||
logging.info("Configuring address %s on device %s", self.ip(), self.dev)
|
||||
logging.info(
|
||||
"Configuring address %s on device %s", self.ip(), self.dev)
|
||||
cmd = "ip addr add dev %s %s brd +" % (self.dev, self.ip())
|
||||
subprocess.call(cmd, shell=True)
|
||||
self.post_configure()
|
||||
@ -288,7 +300,7 @@ class CsIP:
|
||||
|
||||
def set_mark(self):
|
||||
cmd = "-A PREROUTING -i %s -m state --state NEW -j CONNMARK --set-xmark %s/0xffffffff" % \
|
||||
(self.getDevice(), self.dnum)
|
||||
(self.getDevice(), self.dnum)
|
||||
self.fw.append(["mangle", "", cmd])
|
||||
|
||||
def get_type(self):
|
||||
@ -340,33 +352,46 @@ class CsIP:
|
||||
self.fw.append(["mangle", "",
|
||||
"-A PREROUTING -i %s -m state --state NEW " % self.dev +
|
||||
"-j CONNMARK --set-xmark %s/0xffffffff" % self.dnum])
|
||||
self.fw.append(["mangle", "", "-A FIREWALL_%s -j DROP" % self.address['public_ip']])
|
||||
self.fw.append(
|
||||
["mangle", "", "-A FIREWALL_%s -j DROP" % self.address['public_ip']])
|
||||
|
||||
self.fw.append(["filter", "", "-A INPUT -d 224.0.0.18/32 -j ACCEPT"])
|
||||
self.fw.append(["filter", "", "-A INPUT -d 225.0.0.50/32 -j ACCEPT"])
|
||||
self.fw.append(["filter", "", "-A INPUT -i %s -m state --state RELATED,ESTABLISHED -j ACCEPT" %
|
||||
self.dev])
|
||||
self.dev])
|
||||
self.fw.append(["filter", "", "-A INPUT -p icmp -j ACCEPT"])
|
||||
self.fw.append(["filter", "", "-A INPUT -i lo -j ACCEPT"])
|
||||
|
||||
if self.get_type() in ["guest"]:
|
||||
self.fw.append(["filter", "", "-A INPUT -i %s -p udp -m udp --dport 67 -j ACCEPT" % self.dev])
|
||||
self.fw.append(["filter", "", "-A INPUT -i %s -p udp -m udp --dport 53 -j ACCEPT" % self.dev])
|
||||
self.fw.append(["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 53 -j ACCEPT" % self.dev])
|
||||
self.fw.append(["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT" % self.dev])
|
||||
self.fw.append(["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 8080 -m state --state NEW -j ACCEPT" % self.dev])
|
||||
self.fw.append(["filter", "", "-A FORWARD -i %s -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT" % self.dev])
|
||||
self.fw.append(["filter", "", "-A FORWARD -i %s -o %s -m state --state NEW -j ACCEPT" % (self.dev, self.dev)])
|
||||
self.fw.append(["filter", "", "-A FORWARD -i eth2 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT"])
|
||||
self.fw.append(["filter", "", "-A FORWARD -i eth0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT"])
|
||||
self.fw.append(["filter", "", "-A FORWARD -i eth0 -o eth2 -j FW_OUTBOUND"])
|
||||
self.fw.append(
|
||||
["filter", "", "-A INPUT -i %s -p udp -m udp --dport 67 -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["filter", "", "-A INPUT -i %s -p udp -m udp --dport 53 -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 53 -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 8080 -m state --state NEW -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["filter", "", "-A FORWARD -i %s -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["filter", "", "-A FORWARD -i %s -o %s -m state --state NEW -j ACCEPT" % (self.dev, self.dev)])
|
||||
self.fw.append(
|
||||
["filter", "", "-A FORWARD -i eth2 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT"])
|
||||
self.fw.append(
|
||||
["filter", "", "-A FORWARD -i eth0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT"])
|
||||
self.fw.append(
|
||||
["filter", "", "-A FORWARD -i eth0 -o eth2 -j FW_OUTBOUND"])
|
||||
self.fw.append(["mangle", "",
|
||||
"-A PREROUTING -i %s -m state --state NEW " % self.dev +
|
||||
"-j CONNMARK --set-xmark %s/0xffffffff" % self.dnum])
|
||||
|
||||
if self.get_type() in ["control"]:
|
||||
self.fw.append(["filter", "", "-A FW_OUTBOUND -m state --state RELATED,ESTABLISHED -j ACCEPT"])
|
||||
self.fw.append(["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 3922 -m state --state NEW -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["filter", "", "-A FW_OUTBOUND -m state --state RELATED,ESTABLISHED -j ACCEPT"])
|
||||
self.fw.append(
|
||||
["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 3922 -m state --state NEW -j ACCEPT" % self.dev])
|
||||
self.fw.append(['', 'front', '-A FORWARD -j NETWORK_STATS'])
|
||||
self.fw.append(['', 'front', '-A INPUT -j NETWORK_STATS'])
|
||||
self.fw.append(['', 'front', '-A OUTPUT -j NETWORK_STATS'])
|
||||
@ -382,37 +407,55 @@ class CsIP:
|
||||
"-m state --state RELATED,ESTABLISHED " +
|
||||
"-j CONNMARK --restore-mark --nfmask 0xffffffff --ctmask 0xffffffff"])
|
||||
if self.get_type() in ["guest"]:
|
||||
self.fw.append(["filter", "", "-A FORWARD -d %s -o %s -j ACL_INBOUND_%s" % (self.address['network'], self.dev, self.dev)])
|
||||
self.fw.append(["filter", "front", "-A ACL_INBOUND_%s -d 224.0.0.18/32 -j ACCEPT" % self.dev])
|
||||
self.fw.append(["filter", "front", "-A ACL_INBOUND_%s -d 225.0.0.50/32 -j ACCEPT" % self.dev])
|
||||
self.fw.append(["mangle", "front", "-A ACL_OUTBOUND_%s -d 225.0.0.50/32 -j ACCEPT" % self.dev])
|
||||
self.fw.append(["mangle", "front", "-A ACL_OUTBOUND_%s -d 224.0.0.18/32 -j ACCEPT" % self.dev])
|
||||
self.fw.append(["filter", "", "-A INPUT -i %s -p udp -m udp --dport 67 -j ACCEPT" % self.dev])
|
||||
self.fw.append(["filter", "", "-A INPUT -i %s -p udp -m udp --dport 53 -j ACCEPT" % self.dev])
|
||||
self.fw.append(["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 53 -j ACCEPT" % self.dev])
|
||||
self.fw.append(["filter", "", "-A FORWARD -d %s -o %s -j ACL_INBOUND_%s" %
|
||||
(self.address['network'], self.dev, self.dev)])
|
||||
self.fw.append(
|
||||
["filter", "front", "-A ACL_INBOUND_%s -d 224.0.0.18/32 -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["filter", "front", "-A ACL_INBOUND_%s -d 225.0.0.50/32 -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["mangle", "front", "-A ACL_OUTBOUND_%s -d 225.0.0.50/32 -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["mangle", "front", "-A ACL_OUTBOUND_%s -d 224.0.0.18/32 -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["filter", "", "-A INPUT -i %s -p udp -m udp --dport 67 -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["filter", "", "-A INPUT -i %s -p udp -m udp --dport 53 -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 53 -j ACCEPT" % self.dev])
|
||||
|
||||
self.fw.append(["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT" % self.dev])
|
||||
self.fw.append(["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 8080 -m state --state NEW -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT" % self.dev])
|
||||
self.fw.append(
|
||||
["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 8080 -m state --state NEW -j ACCEPT" % self.dev])
|
||||
self.fw.append(["mangle", "",
|
||||
"-A PREROUTING -m state --state NEW -i %s -s %s ! -d %s/32 -j ACL_OUTBOUND_%s" %
|
||||
(self.dev, self.address['network'], self.address['gateway'], self.dev)
|
||||
(self.dev, self.address[
|
||||
'network'], self.address['gateway'], self.dev)
|
||||
])
|
||||
self.fw.append(["", "front", "-A NETWORK_STATS_%s -o %s -s %s" % ("eth1", "eth1", self.address['network'])])
|
||||
self.fw.append(["", "front", "-A NETWORK_STATS_%s -o %s -d %s" % ("eth1", "eth1", self.address['network'])])
|
||||
self.fw.append(["", "front", "-A NETWORK_STATS_%s -o %s -s %s" %
|
||||
("eth1", "eth1", self.address['network'])])
|
||||
self.fw.append(["", "front", "-A NETWORK_STATS_%s -o %s -d %s" %
|
||||
("eth1", "eth1", self.address['network'])])
|
||||
self.fw.append(["nat", "front",
|
||||
"-A POSTROUTING -s %s -o %s -j SNAT --to-source %s" %
|
||||
(self.address['network'], self.dev,
|
||||
self.address['public_ip'])
|
||||
(self.address['network'], self.dev,
|
||||
self.address['public_ip'])
|
||||
])
|
||||
|
||||
if self.get_type() in ["public"]:
|
||||
self.fw.append(["", "front",
|
||||
"-A FORWARD -o %s -d %s -j ACL_INBOUND_%s" % (self.dev, self.address['network'], self.dev)
|
||||
"-A FORWARD -o %s -d %s -j ACL_INBOUND_%s" % (
|
||||
self.dev, self.address['network'], self.dev)
|
||||
])
|
||||
self.fw.append(["mangle", "", "-A FORWARD -j VPN_STATS_%s" % self.dev])
|
||||
self.fw.append(["mangle", "", "-A VPN_STATS_%s -o %s -m mark --mark 0x525/0xffffffff" % (self.dev, self.dev)])
|
||||
self.fw.append(["mangle", "", "-A VPN_STATS_%s -i %s -m mark --mark 0x524/0xffffffff" % (self.dev, self.dev)])
|
||||
self.fw.append(["", "front", "-A FORWARD -j NETWORK_STATS_%s" % self.dev])
|
||||
self.fw.append(
|
||||
["mangle", "", "-A FORWARD -j VPN_STATS_%s" % self.dev])
|
||||
self.fw.append(
|
||||
["mangle", "", "-A VPN_STATS_%s -o %s -m mark --mark 0x525/0xffffffff" % (self.dev, self.dev)])
|
||||
self.fw.append(
|
||||
["mangle", "", "-A VPN_STATS_%s -i %s -m mark --mark 0x524/0xffffffff" % (self.dev, self.dev)])
|
||||
self.fw.append(
|
||||
["", "front", "-A FORWARD -j NETWORK_STATS_%s" % self.dev])
|
||||
|
||||
self.fw.append(["", "front", "-A FORWARD -j NETWORK_STATS"])
|
||||
self.fw.append(["", "front", "-A INPUT -j NETWORK_STATS"])
|
||||
@ -434,7 +477,8 @@ class CsIP:
|
||||
|
||||
CsDevice(self.dev, self.config).configure_rp()
|
||||
|
||||
logging.error("Not able to setup sourcenat for a regular router yet")
|
||||
logging.error(
|
||||
"Not able to setup sourcenat for a regular router yet")
|
||||
dns = CsDnsmasq(self)
|
||||
dns.add_firewall_rules()
|
||||
app = CsApache(self)
|
||||
@ -447,8 +491,10 @@ class CsIP:
|
||||
if self.get_type() == "public" and self.config.is_vpc():
|
||||
if self.address["source_nat"]:
|
||||
vpccidr = self.config.cmdline().get_vpccidr()
|
||||
self.fw.append(["filter", "", "-A FORWARD -s %s ! -d %s -j ACCEPT" % (vpccidr, vpccidr)])
|
||||
self.fw.append(["nat", "", "-A POSTROUTING -j SNAT -o %s --to-source %s" % (self.dev, self.address['public_ip'])])
|
||||
self.fw.append(
|
||||
["filter", "", "-A FORWARD -s %s ! -d %s -j ACCEPT" % (vpccidr, vpccidr)])
|
||||
self.fw.append(
|
||||
["nat", "", "-A POSTROUTING -j SNAT -o %s --to-source %s" % (self.dev, self.address['public_ip'])])
|
||||
|
||||
def list(self):
|
||||
self.iplist = {}
|
||||
@ -486,20 +532,23 @@ class CsIP:
|
||||
return ip in self.address.values()
|
||||
|
||||
def arpPing(self):
|
||||
cmd = "arping -c 1 -I %s -A -U -s %s %s" % (self.dev, self.address['public_ip'], self.address['public_ip'])
|
||||
cmd = "arping -c 1 -I %s -A -U -s %s %s" % (
|
||||
self.dev, self.address['public_ip'], self.address['public_ip'])
|
||||
CsHelper.execute(cmd)
|
||||
|
||||
# Delete any ips that are configured but not in the bag
|
||||
def compare(self, bag):
|
||||
if len(self.iplist) > 0 and (self.dev not in bag.keys() or len(bag[self.dev]) == 0):
|
||||
# Remove all IPs on this device
|
||||
logging.info("Will remove all configured addresses on device %s", self.dev)
|
||||
logging.info(
|
||||
"Will remove all configured addresses on device %s", self.dev)
|
||||
self.delete("all")
|
||||
app = CsApache(self)
|
||||
app.remove()
|
||||
|
||||
# This condition should not really happen but did :)
|
||||
# It means an apache file got orphaned after a guest network address was deleted
|
||||
# It means an apache file got orphaned after a guest network address
|
||||
# was deleted
|
||||
if len(self.iplist) == 0 and (self.dev not in bag.keys() or len(bag[self.dev]) == 0):
|
||||
app = CsApache(self)
|
||||
app.remove()
|
||||
@ -542,6 +591,7 @@ class CsIP:
|
||||
|
||||
|
||||
class CsRpsrfs:
|
||||
|
||||
""" Configure rpsrfs if there is more than one cpu """
|
||||
|
||||
def __init__(self, dev):
|
||||
@ -556,7 +606,8 @@ class CsRpsrfs:
|
||||
val = format((1 << cpus) - 1, "x")
|
||||
filename = "/sys/class/net/%s/queues/rx-0/rps_cpus" % (self.dev)
|
||||
CsHelper.updatefile(filename, val, "w+")
|
||||
CsHelper.updatefile("/proc/sys/net/core/rps_sock_flow_entries", "256", "w+")
|
||||
CsHelper.updatefile(
|
||||
"/proc/sys/net/core/rps_sock_flow_entries", "256", "w+")
|
||||
filename = "/sys/class/net/%s/queues/rx-0/rps_flow_cnt" % (self.dev)
|
||||
CsHelper.updatefile(filename, "256", "w+")
|
||||
logging.debug("rpsfr is configured for %s cpus" % (cpus))
|
||||
|
||||
@ -94,12 +94,17 @@ class CsRedundant(object):
|
||||
d = s
|
||||
if s.endswith(".templ"):
|
||||
d = s.replace(".templ", "")
|
||||
CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d))
|
||||
CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF)
|
||||
CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ"), self.CONNTRACKD_CONF)
|
||||
CsHelper.copy_if_needed("%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh")
|
||||
CsHelper.copy_if_needed(
|
||||
"%s/%s" % (self.CS_TEMPLATES_DIR, s), "%s/%s" % (self.CS_ROUTER_DIR, d))
|
||||
CsHelper.copy_if_needed(
|
||||
"%s/%s" % (self.CS_TEMPLATES_DIR, "keepalived.conf.templ"), self.KEEPALIVED_CONF)
|
||||
CsHelper.copy_if_needed(
|
||||
"%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ"), self.CONNTRACKD_CONF)
|
||||
CsHelper.copy_if_needed(
|
||||
"%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh")
|
||||
|
||||
CsHelper.execute('sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived')
|
||||
CsHelper.execute(
|
||||
'sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived')
|
||||
# checkrouter.sh configuration
|
||||
check_router = CsFile("/opt/cloud/bin/checkrouter.sh")
|
||||
check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG)
|
||||
@ -107,12 +112,17 @@ class CsRedundant(object):
|
||||
|
||||
# keepalived configuration
|
||||
keepalived_conf = CsFile(self.KEEPALIVED_CONF)
|
||||
keepalived_conf.search(" router_id ", " router_id %s" % self.cl.get_name())
|
||||
keepalived_conf.search(" interface ", " interface %s" % guest.get_device())
|
||||
keepalived_conf.search(" virtual_router_id ", " virtual_router_id %s" % self.cl.get_router_id())
|
||||
keepalived_conf.search(
|
||||
" router_id ", " router_id %s" % self.cl.get_name())
|
||||
keepalived_conf.search(
|
||||
" interface ", " interface %s" % guest.get_device())
|
||||
keepalived_conf.search(
|
||||
" virtual_router_id ", " virtual_router_id %s" % self.cl.get_router_id())
|
||||
keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR)
|
||||
keepalived_conf.section("authentication {", "}", [" auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()])
|
||||
keepalived_conf.section("virtual_ipaddress {", "}", self._collect_ips())
|
||||
keepalived_conf.section("authentication {", "}", [
|
||||
" auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()])
|
||||
keepalived_conf.section(
|
||||
"virtual_ipaddress {", "}", self._collect_ips())
|
||||
keepalived_conf.commit()
|
||||
|
||||
# conntrackd configuration
|
||||
@ -135,22 +145,27 @@ class CsRedundant(object):
|
||||
# Configure heartbeat cron job - runs every 30 seconds
|
||||
heartbeat_cron = CsFile("/etc/cron.d/heartbeat")
|
||||
heartbeat_cron.add("SHELL=/bin/bash", 0)
|
||||
heartbeat_cron.add("PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
|
||||
heartbeat_cron.add("* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1)
|
||||
heartbeat_cron.add("* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1)
|
||||
heartbeat_cron.add(
|
||||
"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
|
||||
heartbeat_cron.add(
|
||||
"* * * * * root $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1)
|
||||
heartbeat_cron.add(
|
||||
"* * * * * root sleep 30; $SHELL %s/check_heartbeat.sh 2>&1 > /dev/null" % self.CS_ROUTER_DIR, -1)
|
||||
heartbeat_cron.commit()
|
||||
|
||||
# Configure KeepaliveD cron job - runs at every reboot
|
||||
keepalived_cron = CsFile("/etc/cron.d/keepalived")
|
||||
keepalived_cron.add("SHELL=/bin/bash", 0)
|
||||
keepalived_cron.add("PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
|
||||
keepalived_cron.add(
|
||||
"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
|
||||
keepalived_cron.add("@reboot root service keepalived start", -1)
|
||||
keepalived_cron.commit()
|
||||
|
||||
# Configure ConntrackD cron job - runs at every reboot
|
||||
conntrackd_cron = CsFile("/etc/cron.d/conntrackd")
|
||||
conntrackd_cron.add("SHELL=/bin/bash", 0)
|
||||
conntrackd_cron.add("PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
|
||||
conntrackd_cron.add(
|
||||
"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
|
||||
conntrackd_cron.add("@reboot root service conntrackd start", -1)
|
||||
conntrackd_cron.commit()
|
||||
|
||||
@ -255,9 +270,11 @@ class CsRedundant(object):
|
||||
if CsDevice(o.get_device(), self.config).waitfordevice():
|
||||
CsHelper.execute(cmd2)
|
||||
dev = o.get_device()
|
||||
logging.info("Bringing public interface %s up" % o.get_device())
|
||||
logging.info("Bringing public interface %s up" %
|
||||
o.get_device())
|
||||
else:
|
||||
logging.error("Device %s was not ready could not bring it up" % o.get_device())
|
||||
logging.error(
|
||||
"Device %s was not ready could not bring it up" % o.get_device())
|
||||
# ip route add default via $gw table Table_$dev proto static
|
||||
cmd = "%s -C %s" % (self.CONNTRACKD_BIN, self.CONNTRACKD_CONF)
|
||||
CsHelper.execute("%s -c" % cmd)
|
||||
@ -282,7 +299,8 @@ class CsRedundant(object):
|
||||
"""
|
||||
lines = []
|
||||
lines.append("\t\t\tIPv4_address %s\n" % "127.0.0.1")
|
||||
lines.append("\t\t\tIPv4_address %s\n" % self.address.get_control_if().get_ip())
|
||||
lines.append("\t\t\tIPv4_address %s\n" %
|
||||
self.address.get_control_if().get_ip())
|
||||
# FIXME - Do we need to also add any internal network gateways?
|
||||
return lines
|
||||
|
||||
@ -299,7 +317,8 @@ class CsRedundant(object):
|
||||
lines = []
|
||||
for o in self.address.get_ips():
|
||||
if o.needs_vrrp():
|
||||
str = " %s brd %s dev %s\n" % (o.get_gateway_cidr(), o.get_broadcast(), o.get_device())
|
||||
str = " %s brd %s dev %s\n" % (
|
||||
o.get_gateway_cidr(), o.get_broadcast(), o.get_device())
|
||||
lines.append(str)
|
||||
self.check_is_up(o.get_device())
|
||||
return lines
|
||||
|
||||
@ -20,6 +20,7 @@ import logging
|
||||
|
||||
|
||||
class CsRoute:
|
||||
|
||||
""" Manage routes """
|
||||
|
||||
def __init__(self, dev):
|
||||
@ -30,6 +31,8 @@ class CsRoute:
|
||||
def routeTable(self):
|
||||
str = "%s %s" % (self.tableNo, self.table)
|
||||
filename = "/etc/iproute2/rt_tables"
|
||||
logging.info(
|
||||
"Adding route table: " + str + " to " + filename + " if not present ")
|
||||
CsHelper.addifmissing(filename, str)
|
||||
|
||||
def flush(self):
|
||||
@ -43,7 +46,7 @@ class CsRoute:
|
||||
self.set_route(cmd, method)
|
||||
|
||||
def set_route(self, cmd, method="add"):
|
||||
""" Add a route is it is not already defined """
|
||||
""" Add a route if it is not already defined """
|
||||
found = False
|
||||
for i in CsHelper.execute("ip route show " + cmd):
|
||||
found = True
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user