You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by an...@apache.org on 2012/07/28 01:04:17 UTC
[9/16] git commit: VPC : vpc ip assocate fix
VPC : vpc ip assocate fix
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/7dc4231e
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/7dc4231e
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/7dc4231e
Branch: refs/heads/vpc
Commit: 7dc4231ea6a44f128b81d3bca237f82f8a697072
Parents: 165a21c
Author: anthony <an...@cloud.com>
Authored: Thu Jul 26 14:11:54 2012 -0700
Committer: anthony <an...@cloud.com>
Committed: Fri Jul 27 15:04:41 2012 -0700
----------------------------------------------------------------------
.../debian/config/opt/cloud/bin/vpc_ipassoc.sh | 170 +++++----------
1 files changed, 54 insertions(+), 116 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/7dc4231e/patches/systemvm/debian/config/opt/cloud/bin/vpc_ipassoc.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_ipassoc.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_ipassoc.sh
index adf8eb4..40c1e4d 100755
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_ipassoc.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/vpc_ipassoc.sh
@@ -16,7 +16,6 @@
-# $Id: ipassoc.sh 9804 2010-06-22 18:36:49Z alex $ $HeadURL: svn://svn.lab.vmops.com/repos/vmdev/java/scripts/network/domr/ipassoc.sh $
# ipassoc.sh -- associate/disassociate a public ip with an instance
# @VERSION@
@@ -26,7 +25,7 @@ lock="biglock"
locked=$(getLockFile $lock)
if [ "$locked" != "1" ]
then
- exit 1
+ exit 1
fi
usage() {
@@ -34,144 +33,76 @@ usage() {
printf " %s -D -l <public-ip-address> -c <dev> [-f] \n" $(basename $0) >&2
}
-remove_routing() {
- local pubIp=$1
- logger -t cloud "$(basename $0):Remove routing $pubIp on interface $ethDev"
- local ipNoMask=$(echo $pubIp | awk -F'/' '{print $1}')
- local mask=$(echo $pubIp | awk -F'/' '{print $2}')
- local tableNo=$(echo $ethDev | awk -F'eth' '{print $2}')
-
- local tableName="Table_$ethDev"
- local ethMask=$(ip route list scope link dev $ethDev | awk '{print $1}')
- if [ "$ethMask" == "" ]
- then
-# rules and routes will be deleted for the last ip of the interface.
- sudo ip rule delete fwmark $tableNo table $tableName
- sudo ip rule delete table $tableName
- sudo ip route flush table $tableName
- sudo ip route flush cache
- logger -t cloud "$(basename $0):Remove routing $pubIp - routes and rules deleted"
- fi
-}
-
-# copy eth0,eth1 and the current public interface
-copy_routes_from_main() {
- local tableName=$1
-
-#get the network masks from the main table
- local eth0Mask=$(ip route list scope link dev eth0 | awk '{print $1}')
- local eth1Mask=$(ip route list scope link dev eth1 | awk '{print $1}')
- local ethMask=$(ip route list scope link dev $ethDev | awk '{print $1}')
-
-# eth0,eth1 and other know routes will be skipped, so as main routing table will decide the route. This will be useful if the interface is down and up.
- sudo ip route add throw $eth0Mask table $tableName proto static
- sudo ip route add throw $eth1Mask table $tableName proto static
- sudo ip route add throw $ethMask table $tableName proto static
- return 0;
-}
-
-ip_addr_add() {
- local dev="$1"
- local ip="$2"
-}
-
add_routing() {
- local pubIp=$1
logger -t cloud "$(basename $0):Add routing $pubIp on interface $ethDev"
- local ipNoMask=$(echo $1 | awk -F'/' '{print $1}')
- local mask=$(echo $1 | awk -F'/' '{print $2}')
local tableName="Table_$ethDev"
- local tablePresent=$(grep $tableName /etc/iproute2/rt_tables)
- local tableNo=$(echo $ethDev | awk -F'eth' '{print $2}')
- if [ "$tablePresent" == "" ]
- then
- if [ "$tableNo" == ""]
- then
- return 0;
- fi
- sudo echo "$tableNo $tableName" >> /etc/iproute2/rt_tables
- fi
-
- copy_routes_from_main $tableName
-# NOTE: this entry will be deleted if the interface is down without knowing to Management server, in that case all the outside traffic will be send through main routing table or it will be the first public NIC.
+ sudo ip route add $subnet/$mask dev $ethDev table $tableName proto static
sudo ip route add default via $defaultGwIP table $tableName proto static
sudo ip route flush cache
-
- local ethMask=$(ip route list scope link dev $ethDev | awk '{print $1}')
- local rulePresent=$(ip rule show | grep $ethMask)
- if [ "$rulePresent" == "" ]
+ sudo ip route | grep default
+ if [ $? -gt 0 ]
then
-# rules will be added while adding the first ip of the interface
- sudo ip rule add from $ethMask table $tableName
- sudo ip rule add fwmark $tableNo table $tableName
- logger -t cloud "$(basename $0):Add routing $pubIp rules added"
+ sudo ip route add default via $defaultGwIP
fi
- return 0;
+ return 0
}
+remove_routing() {
+ return 0
+}
+
add_an_ip () {
- local pubIp=$1
logger -t cloud "$(basename $0):Adding ip $pubIp on interface $ethDev"
- local ipNoMask=$(echo $1 | awk -F'/' '{print $1}')
sudo ip link show $ethDev | grep "state DOWN" > /dev/null
local old_state=$?
- sudo ip addr add dev $dev $ip
- if [ $if_keep_state -ne 1 -o $old_state -ne 0 ]
+ sudo ip addr add dev $ethDev $pubIp/$mask
+ if [ $old_state -eq 0 ]
then
- sudo ip link set $ethDev up
- sudo arping -c 3 -I $ethDev -A -U -s $ipNoMask $ipNoMask;
+ sudo ip link set $ethDev up
+ sudo arping -c 3 -I $ethDev -A -U -s $pubIp $pubIp
fi
- add_routing $1
+ local tableNo=${ethDev:3}
+ sudo iptables-save -t mangle | grep "PREROUTING -i $ethDev -m state --state NEW -j CONNMARK --set-xmark" 2>/dev/null
+ if [ $? -gt 0 ]
+ then
+ sudo iptables -t mangle -A PREROUTING -i $ethDev -m state --state NEW -j CONNMARK --set-mark $tableNo 2>/dev/null
+ fi
+ add_routing
return $?
-
}
remove_an_ip () {
- local pubIp=$1
logger -t cloud "$(basename $0):Removing ip $pubIp on interface $ethDev"
- local ipNoMask=$(echo $1 | awk -F'/' '{print $1}')
- local mask=$(echo $1 | awk -F'/' '{print $2}')
- local existingIpMask=$(sudo ip addr show dev $ethDev | grep inet | awk '{print $2}' | grep -w $ipNoMask)
- [ "$existingIpMask" == "" ] && return 0
- remove_snat $1
- local existingMask=$(echo $existingIpMask | awk -F'/' '{print $2}')
- if [ "$existingMask" == "32" ]
- then
- sudo ip addr del dev $ethDev $existingIpMask
- result=$?
- fi
-
- if [ "$existingMask" != "32" ]
- then
- replaceIpMask=`sudo ip addr show dev $ethDev | grep inet | grep -v $existingIpMask | awk '{print $2}' | sort -t/ -k2 -n|tail -1`
- sudo ip addr del dev $ethDev $existingIpMask;
- if [ -n "$replaceIpMask" ]; then
- sudo ip addr del dev $ethDev $replaceIpMask;
- replaceIp=`echo $replaceIpMask | awk -F/ '{print $1}'`;
- ip_addr_add $ethDev $replaceIp/$existingMask
- fi
- result=$?
- fi
-
- if [ $result -gt 0 -a $result -ne 2 ]
- then
- remove_routing $1
- return 1
- fi
- remove_routing $1
+ local existingIpMask=$(sudo ip addr show dev $ethDev | grep "inet " | awk '{print $2}')
+
+ sudo ip addr del dev $ethDev $pubIp/$mask
+ # reapply IPs in this interface
+ for ipMask in $existingIpMask
+ do
+ if [ "$ipMask" == "$pubIp/$mask" ]
+ then
+ continue
+ fi
+ sudo ip addr add dev $ethDev $ipMask
+ done
+
+ remove_routing
return 0
}
#set -x
-lflag=
-cflag=
+lflag=0
+cflag=0
+gflag=0
+mflag=0
+nflag=0
op=""
-while getopts 'sfADa:l:c:g:' OPTION
+while getopts 'ADl:c:g:m:n:' OPTION
do
case $OPTION in
A) Aflag=1
@@ -181,7 +112,7 @@ do
op="-D"
;;
l) lflag=1
- publicIp="$OPTARG"
+ pubIp="$OPTARG"
;;
c) cflag=1
ethDev="$OPTARG"
@@ -189,6 +120,12 @@ do
g) gflag=1
defaultGwIP="$OPTARG"
;;
+ m) mflag=1
+ mask="$OPTARG"
+ ;;
+ n) nflag=1
+ subnet="$OPTARG"
+ ;;
?) usage
unlock_exit 2 $lock $locked
;;
@@ -198,14 +135,14 @@ done
if [ "$Aflag$Dflag" != "1" ]
then
- usage
- unlock_exit 2 $lock $locked
+ usage
+ unlock_exit 2 $lock $locked
fi
-if [ "$lflag$cflag" != "11" ]
+if [ "$lflag$cflag$gflag$mflag$nflag" != "11111" ]
then
- usage
- unlock_exit 2 $lock $locked
+ usage
+ unlock_exit 2 $lock $locked
fi
@@ -223,3 +160,4 @@ then
fi
+unlock_exit 1 $lock $locked