VPC : add new type vpcrouter in cloud-early-config

2025-11-03 04:12:31 +01:00 · 2012-06-11 18:00:06 -07:00 · 2012-06-11 18:00:06 -07:00 · d49210e42b
commit d49210e42b
parent c7e440a1de
2 changed files with 98 additions and 0 deletions
--- a/patches/systemvm/debian/config/etc/init.d/cloud-early-config
+++ b/patches/systemvm/debian/config/etc/init.d/cloud-early-config
@ -550,6 +550,75 @@ setup_router() {
  cp /etc/iptables/iptables-router /etc/iptables/rules
 }

+
+
+setup_vpcrouter() {
+  log_it "Setting up VPC virtual router system vm"
+
+  if [ "$hyp" == "vmware" ]; then
+    setup_vmware_extra_nics
+  fi
+
+    cat > /etc/network/interfaces << EOF
+auto lo $1
+iface lo inet loopback
+EOF
+  setup_interface "0" $ETH0_IP $ETH0_MASK $GW
+   
+  echo $NAME > /etc/hostname
+  echo 'AVAHI_DAEMON_DETECT_LOCAL=0' > /etc/default/avahi-daemon
+  hostname $NAME
+  
+  #Nameserver
+  sed -i -e "/^nameserver.*$/d" /etc/resolv.conf # remove previous entries
+  sed -i -e "/^nameserver.*$/d" /etc/dnsmasq-resolv.conf # remove previous entries
+  if [ -n "$internalNS1" ]
+  then
+    echo "nameserver $internalNS1" > /etc/dnsmasq-resolv.conf
+    echo "nameserver $internalNS1" > /etc/resolv.conf
+  fi
+  
+  if [ -n "$internalNS2" ]
+  then
+    echo "nameserver $internalNS2" >> /etc/dnsmasq-resolv.conf
+    echo "nameserver $internalNS2" >> /etc/resolv.conf
+  fi
+  if [ -n "$NS1" ]
+  then
+    echo "nameserver $NS1" >> /etc/dnsmasq-resolv.conf
+    echo "nameserver $NS1" >> /etc/resolv.conf
+  fi
+  
+  if [ -n "$NS2" ]
+  then
+    echo "nameserver $NS2" >> /etc/dnsmasq-resolv.conf
+    echo "nameserver $NS2" >> /etc/resolv.conf
+  fi
+  if [ -n "$MGMTNET"  -a -n "$LOCAL_GW" ]
+  then
+    ip route add $MGMTNET via $LOCAL_GW dev eth1
+  fi
+
+  ip route delete default
+
+
+  sed -i  /gateway/d /etc/hosts
+
+  echo "$ETH0_IP $NAME" >> /etc/hosts
+  setup_sshd $ETH0_IP
+
+  enable_svc dnsmasq 1
+  enable_svc haproxy 1
+  enable_svc cloud-passwd-srvr 1
+  enable_svc cloud 0
+  disable_rpfilter_domR
+  enable_fwding 1
+  chkconfig nfs-common off
+  cp /etc/iptables/iptables-vpcrouter /etc/iptables/rules
+}
+
+
+
 setup_dhcpsrvr() {
  log_it "Setting up dhcp server system vm"
  setup_common eth0 eth1
@ -721,6 +790,10 @@ start() {
         [ "$NAME" == "" ] && NAME=router
         setup_router
 	  ;;
+     vpcrouter)
+         [ "$NAME" == "" ] && NAME=vpcrouter
+         setup_vpcrouter
+	  ;;
     dhcpsrvr)
         [ "$NAME" == "" ] && NAME=dhcpsrvr
         setup_dhcpsrvr
--- a/patches/systemvm/debian/config/etc/iptables/iptables-vpcrouter
+++ b/patches/systemvm/debian/config/etc/iptables/iptables-vpcrouter
@ -0,0 +1,25 @@
+*nat
+:PREROUTING ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+COMMIT
+*filter
+:INPUT DROP [0:0]
+:FORWARD DROP [0:0]
+:OUTPUT ACCEPT [0:0]
+-A INPUT -d 224.0.0.18/32 -j ACCEPT
+-A INPUT -d 225.0.0.50/32 -j ACCEPT
+-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -p icmp -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+-A INPUT -i eth0 -p tcp -m state --state NEW --dport 3922 -j ACCEPT
+COMMIT
+*mangle
+:PREROUTING ACCEPT [0:0]
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+-A PREROUTING -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark
+-A OUTPUT -p udp --dport bootpc -j CHECKSUM --checksum-fill
+COMMIT