You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ya...@apache.org on 2014/01/21 03:49:37 UTC
git commit: updated refs/heads/master to e88cc48
Updated Branches:
refs/heads/master 09fa6e5d8 -> e88cc488e
CLOUDSTACK-5779: Move loadbalancer to use routerProxy
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/e88cc488
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/e88cc488
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/e88cc488
Branch: refs/heads/master
Commit: e88cc488e5a9011f2c199f906bb0dacdb95685d7
Parents: 09fa6e5
Author: Sheng Yang <sh...@citrix.com>
Authored: Mon Jan 20 17:34:27 2014 -0800
Committer: Sheng Yang <sh...@citrix.com>
Committed: Mon Jan 20 18:48:46 2014 -0800
----------------------------------------------------------------------
.../virtualnetwork/VirtualRoutingResource.java | 118 ++-----
.../vmware/resource/VmwareResource.java | 187 +++--------
.../xen/resource/CitrixResourceBase.java | 100 ++----
scripts/network/domr/call_loadbalancer.sh | 101 ------
scripts/vm/hypervisor/xenserver/vmops | 17 +-
.../debian/config/opt/cloud/bin/loadbalancer.sh | 320 +++++++++++++++++++
.../patches/debian/config/root/loadbalancer.sh | 320 -------------------
7 files changed, 419 insertions(+), 744 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
----------------------------------------------------------------------
diff --git a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
index ff99b92..732d7b4 100755
--- a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
+++ b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
@@ -75,13 +75,10 @@ import org.apache.log4j.Logger;
import javax.ejb.Local;
import javax.naming.ConfigurationException;
import java.io.BufferedReader;
-import java.io.BufferedWriter;
import java.io.File;
-import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
-import java.io.PrintWriter;
import java.net.InetSocketAddress;
import java.net.URL;
import java.net.URLConnection;
@@ -102,7 +99,6 @@ import java.util.Map;
public class VirtualRoutingResource implements Manager {
private static final Logger s_logger = Logger.getLogger(VirtualRoutingResource.class);
private String _publicIpAddress;
- private String _loadbPath;
private String _publicEthIf;
private String _privateEthIf;
private String _routerProxyPath;
@@ -354,7 +350,20 @@ public class VirtualRoutingResource implements Manager {
return new SetStaticNatRulesAnswer(cmd, results, endResult);
}
- protected Answer VPCLoadBalancerConfig(final LoadBalancerConfigCommand cmd) {
+ protected boolean createFileInVR(String routerIp, String path, String filename, String content) {
+ File permKey = new File("/root/.ssh/id_rsa.cloud");
+ boolean result = true;
+
+ try {
+ SshHelper.scpTo(routerIp, 3922, "root", permKey, null, path, content.getBytes(), filename, null);
+ } catch (Exception e) {
+ s_logger.warn("Fail to create file " + path + filename + " in VR " + routerIp, e);
+ result = false;
+ }
+ return result;
+ }
+
+ private Answer execute(LoadBalancerConfigCommand cmd) {
String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
if (routerIp == null) {
@@ -368,25 +377,24 @@ public class VirtualRoutingResource implements Manager {
tmpCfgFileContents += config[i];
tmpCfgFileContents += "\n";
}
- File permKey = new File("/root/.ssh/id_rsa.cloud");
- try {
- SshHelper.scpTo(routerIp, 3922, "root", permKey, null, "/etc/haproxy/", tmpCfgFileContents.getBytes(), "haproxy.cfg.new", null);
+ if (!createFileInVR(routerIp, "/etc/haproxy/", "haproxy.cfg.new", tmpCfgFileContents)) {
+ return new Answer(cmd, false, "Fail to copy LB config file to VR");
+ }
+ try {
String[][] rules = cfgtr.generateFwRules(cmd);
String[] addRules = rules[LoadBalancerConfigurator.ADD];
String[] removeRules = rules[LoadBalancerConfigurator.REMOVE];
String[] statRules = rules[LoadBalancerConfigurator.STATS];
- String ip = cmd.getNic().getIp();
- String args = " -i " + ip;
+ String args = "";
StringBuilder sb = new StringBuilder();
if (addRules.length > 0) {
for (int i = 0; i < addRules.length; i++) {
sb.append(addRules[i]).append(',');
}
-
args += " -a " + sb.toString();
}
@@ -408,7 +416,15 @@ public class VirtualRoutingResource implements Manager {
args += " -s " + sb.toString();
}
- String result = routerProxy("vpc_loadbalancer.sh", routerIp, args);
+ String result;
+
+ if (cmd.getVpcId() == null) {
+ args = " -i " + routerIp + args;
+ result = routerProxy("loadbalancer.sh", routerIp, args);
+ } else {
+ args = " -i " + cmd.getNic().getIp() + args;
+ result = routerProxy("vpc_loadbalancer.sh", routerIp, args);
+ }
if (result != null) {
return new Answer(cmd, false, "LoadBalancerConfigCommand failed");
@@ -420,41 +436,6 @@ public class VirtualRoutingResource implements Manager {
}
}
- private Answer execute(LoadBalancerConfigCommand cmd) {
- if (cmd.getVpcId() != null) {
- return VPCLoadBalancerConfig(cmd);
- }
-
- String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
- File tmpCfgFile = null;
- try {
- String cfgFilePath = "";
- LoadBalancerConfigurator cfgtr = new HAProxyConfigurator();
- String[] config = cfgtr.generateConfiguration(cmd);
- String[][] rules = cfgtr.generateFwRules(cmd);
- if (routerIp != null) {
- tmpCfgFile = File.createTempFile(routerIp.replace('.', '_'), "cfg");
- final PrintWriter out = new PrintWriter(new BufferedWriter(new FileWriter(tmpCfgFile)));
- for (int i = 0; i < config.length; i++) {
- out.println(config[i]);
- }
- out.close();
- cfgFilePath = tmpCfgFile.getAbsolutePath();
- }
-
- final String result =
- setLoadBalancerConfig(cfgFilePath, rules[LoadBalancerConfigurator.ADD], rules[LoadBalancerConfigurator.REMOVE], rules[LoadBalancerConfigurator.STATS],
- routerIp);
-
- return new Answer(cmd, result == null, result);
- } catch (final IOException e) {
- return new Answer(cmd, false, e.getMessage());
- } finally {
- if (tmpCfgFile != null) {
- tmpCfgFile.delete();
- }
- }
- }
protected Answer execute(VmDataCommand cmd) {
String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
@@ -496,44 +477,6 @@ public class VirtualRoutingResource implements Manager {
return new IpAssocAnswer(cmd, results);
}
- private String setLoadBalancerConfig(final String cfgFile, final String[] addRules, final String[] removeRules, final String[] statsRules, String routerIp) {
-
- if (routerIp == null) {
- routerIp = "none";
- }
-
- final Script command = new Script(_loadbPath, _timeout, s_logger);
-
- command.add("-i", routerIp);
- command.add("-f", cfgFile);
-
- StringBuilder sb = new StringBuilder();
- if (addRules.length > 0) {
- for (int i = 0; i < addRules.length; i++) {
- sb.append(addRules[i]).append(',');
- }
- command.add("-a", sb.toString());
- }
-
- sb = new StringBuilder();
- if (removeRules.length > 0) {
- for (int i = 0; i < removeRules.length; i++) {
- sb.append(removeRules[i]).append(',');
- }
- command.add("-d", sb.toString());
- }
-
- sb = new StringBuilder();
- if (statsRules.length > 0) {
- for (int i = 0; i < statsRules.length; i++) {
- sb.append(statsRules[i]).append(',');
- }
- command.add("-s", sb.toString());
- }
-
- return command.execute();
- }
-
protected Answer execute(final SavePasswordCommand cmd) {
final String password = cmd.getPassword();
final String routerPrivateIPAddress = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
@@ -1104,11 +1047,6 @@ public class VirtualRoutingResource implements Manager {
s_logger.warn("Incoming public ip address is overriden. Will always be using the same ip address: " + _publicIpAddress);
}
- _loadbPath = findScript("call_loadbalancer.sh");
- if (_loadbPath == null) {
- throw new ConfigurationException("Unable to find the call_loadbalancer.sh");
- }
-
_publicEthIf = (String)params.get("public.network.device");
if (_publicEthIf == null) {
_publicEthIf = "xenbr1";
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
----------------------------------------------------------------------
diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
index 24915a2..566d175 100755
--- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
@@ -1035,97 +1035,22 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
return new SetStaticNatRulesAnswer(cmd, results, endResult);
}
- protected Answer VPCLoadBalancerConfig(final LoadBalancerConfigCommand cmd) {
+ protected boolean createFileInVR(String routerIp, String filePath, String fileName, String content) {
VmwareManager mgr = getServiceContext().getStockObject(VmwareManager.CONTEXT_STOCK_NAME);
File keyFile = mgr.getSystemVMKeyFile();
-
- String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
- String controlIp = getRouterSshControlIp(cmd);
-
- assert (controlIp != null);
-
- LoadBalancerConfigurator cfgtr = new HAProxyConfigurator();
- String[] config = cfgtr.generateConfiguration(cmd);
-
- String tmpCfgFilePath = "/etc/haproxy/haproxy.cfg.new";
- String tmpCfgFileContents = "";
- for (int i = 0; i < config.length; i++) {
- tmpCfgFileContents += config[i];
- tmpCfgFileContents += "\n";
- }
+ boolean result = true;
try {
- SshHelper.scpTo(controlIp, DefaultDomRSshPort, "root", keyFile, null, "/etc/haproxy/", tmpCfgFileContents.getBytes(), "haproxy.cfg.new", null);
-
- try {
- String[][] rules = cfgtr.generateFwRules(cmd);
-
- String[] addRules = rules[LoadBalancerConfigurator.ADD];
- String[] removeRules = rules[LoadBalancerConfigurator.REMOVE];
- String[] statRules = rules[LoadBalancerConfigurator.STATS];
-
- String args = "";
- String ip = cmd.getNic().getIp();
- args += " -i " + ip;
- StringBuilder sb = new StringBuilder();
- if (addRules.length > 0) {
- for (int i = 0; i < addRules.length; i++) {
- sb.append(addRules[i]).append(',');
- }
-
- args += " -a " + sb.toString();
- }
-
- sb = new StringBuilder();
- if (removeRules.length > 0) {
- for (int i = 0; i < removeRules.length; i++) {
- sb.append(removeRules[i]).append(',');
- }
-
- args += " -d " + sb.toString();
- }
-
- sb = new StringBuilder();
- if (statRules.length > 0) {
- for (int i = 0; i < statRules.length; i++) {
- sb.append(statRules[i]).append(',');
- }
-
- args += " -s " + sb.toString();
- }
-
- // Invoke the command
- Pair<Boolean, String> result =
- SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/vpc_loadbalancer.sh " + args);
-
- if (!result.first()) {
- String msg = "LoadBalancerConfigCommand on domain router " + routerIp + " failed. message: " + result.second();
- s_logger.error(msg);
-
- return new Answer(cmd, false, msg);
- }
-
- if (s_logger.isInfoEnabled()) {
- s_logger.info("VPCLoadBalancerConfigCommand on domain router " + routerIp + " completed");
- }
- } finally {
- SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "rm " + tmpCfgFilePath);
- }
- return new Answer(cmd);
- } catch (Throwable e) {
- s_logger.error("Unexpected exception: " + e.toString(), e);
- return new Answer(cmd, false, "VPCLoadBalancerConfigCommand failed due to " + VmwareHelper.getExceptionMessage(e));
+ SshHelper.scpTo(routerIp, 3922, "root", keyFile, null, filePath, content.getBytes(), fileName, null);
+ } catch (Exception e) {
+ s_logger.warn("Fail to create file " + filePath + fileName + " in VR " + routerIp, e);
+ result = false;
}
+ return result;
}
protected Answer execute(final LoadBalancerConfigCommand cmd) {
-
- if (cmd.getVpcId() != null) {
- return VPCLoadBalancerConfig(cmd);
- }
-
VmwareManager mgr = getServiceContext().getStockObject(VmwareManager.CONTEXT_STOCK_NAME);
- File keyFile = mgr.getSystemVMKeyFile();
String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
String controlIp = getRouterSshControlIp(cmd);
@@ -1135,82 +1060,74 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
LoadBalancerConfigurator cfgtr = new HAProxyConfigurator();
String[] config = cfgtr.generateConfiguration(cmd);
- String[][] rules = cfgtr.generateFwRules(cmd);
- String tmpCfgFilePath = "/tmp/" + routerIp.replace('.', '_') + ".cfg";
String tmpCfgFileContents = "";
+ String tmpCfgFileName = "haproxy.cfg.new";
+ String tmpCfgFilePath = "/etc/haproxy/";
for (int i = 0; i < config.length; i++) {
tmpCfgFileContents += config[i];
tmpCfgFileContents += "\n";
}
- try {
- SshHelper.scpTo(controlIp, DefaultDomRSshPort, "root", keyFile, null, "/tmp/", tmpCfgFileContents.getBytes(), routerIp.replace('.', '_') + ".cfg", null);
+ if (!createFileInVR(controlIp, "/etc/haproxy/", "haproxy.cfg.new", tmpCfgFileContents)) {
+ return new Answer(cmd, false, "Fail to create LB config file in VR");
+ }
- try {
- String[] addRules = rules[LoadBalancerConfigurator.ADD];
- String[] removeRules = rules[LoadBalancerConfigurator.REMOVE];
- String[] statRules = rules[LoadBalancerConfigurator.STATS];
-
- String args = "";
- args += "-i " + routerIp;
- args += " -f " + tmpCfgFilePath;
-
- StringBuilder sb = new StringBuilder();
- if (addRules.length > 0) {
- for (int i = 0; i < addRules.length; i++) {
- sb.append(addRules[i]).append(',');
- }
+ try {
- args += " -a " + sb.toString();
- }
+ String[][] rules = cfgtr.generateFwRules(cmd);
- sb = new StringBuilder();
- if (removeRules.length > 0) {
- for (int i = 0; i < removeRules.length; i++) {
- sb.append(removeRules[i]).append(',');
- }
+ String[] addRules = rules[LoadBalancerConfigurator.ADD];
+ String[] removeRules = rules[LoadBalancerConfigurator.REMOVE];
+ String[] statRules = rules[LoadBalancerConfigurator.STATS];
- args += " -d " + sb.toString();
+ String args = "";
+ StringBuilder sb = new StringBuilder();
+ if (addRules.length > 0) {
+ for (int i = 0; i < addRules.length; i++) {
+ sb.append(addRules[i]).append(',');
}
- sb = new StringBuilder();
- if (statRules.length > 0) {
- for (int i = 0; i < statRules.length; i++) {
- sb.append(statRules[i]).append(',');
- }
+ args += " -a " + sb.toString();
+ }
- args += " -s " + sb.toString();
+ sb = new StringBuilder();
+ if (removeRules.length > 0) {
+ for (int i = 0; i < removeRules.length; i++) {
+ sb.append(removeRules[i]).append(',');
}
- Pair<Boolean, String> result =
- SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "scp " + tmpCfgFilePath +
- " /etc/haproxy/haproxy.cfg.new");
-
- if (!result.first()) {
- s_logger.error("Unable to copy haproxy configuration file");
- return new Answer(cmd, false, "LoadBalancerConfigCommand failed due to uanble to copy haproxy configuration file");
- }
+ args += " -d " + sb.toString();
+ }
- if (s_logger.isDebugEnabled()) {
- s_logger.debug("Run command on domain router " + routerIp + ", /root/loadbalancer.sh " + args);
+ sb = new StringBuilder();
+ if (statRules.length > 0) {
+ for (int i = 0; i < statRules.length; i++) {
+ sb.append(statRules[i]).append(',');
}
- result = SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "/root/loadbalancer.sh " + args);
+ args += " -s " + sb.toString();
+ }
- if (!result.first()) {
- String msg = "LoadBalancerConfigCommand on domain router " + routerIp + " failed. message: " + result.second();
- s_logger.error(msg);
+ Pair<Boolean, String> result;
+ if (cmd.getVpcId() == null) {
+ args = " -i " + routerIp + args;
+ result = SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/loadbalancer.sh " + args);
+ } else {
+ args = " -i " + cmd.getNic().getIp() + args;
+ result = SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/vpc_loadbalancer.sh " + args);
+ }
+ // Invoke the command
- return new Answer(cmd, false, msg);
- }
+ if (!result.first()) {
+ String msg = "LoadBalancerConfigCommand on domain router " + routerIp + " failed. message: " + result.second();
+ s_logger.error(msg);
- if (s_logger.isInfoEnabled()) {
- s_logger.info("LoadBalancerConfigCommand on domain router " + routerIp + " completed");
- }
- } finally {
- SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "rm " + tmpCfgFilePath);
+ return new Answer(cmd, false, msg);
}
+ if (s_logger.isInfoEnabled()) {
+ s_logger.info("LoadBalancerConfigCommand on domain router " + routerIp + " completed");
+ }
return new Answer(cmd);
} catch (Throwable e) {
s_logger.error("Unexpected exception: " + e.toString(), e);
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
----------------------------------------------------------------------
diff --git a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
index e7e4ee3..5aed214 100644
--- a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
+++ b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
@@ -2125,71 +2125,6 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
return new SetStaticNatRulesAnswer(cmd, results, endResult);
}
- protected Answer VPCLoadBalancerConfig(final LoadBalancerConfigCommand cmd) {
- Connection conn = getConnection();
- String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
-
- if (routerIp == null) {
- return new Answer(cmd);
- }
-
- LoadBalancerConfigurator cfgtr = new HAProxyConfigurator();
- String[] config = cfgtr.generateConfiguration(cmd);
- String tmpCfgFileContents = "";
- for (int i = 0; i < config.length; i++) {
- tmpCfgFileContents += config[i];
- tmpCfgFileContents += "\n";
- }
- String tmpCfgFilePath = "/etc/haproxy/haproxy.cfg.new";
- String result = callHostPlugin(conn, "vmops", "createFileInDomr", "domrip", routerIp, "filepath", tmpCfgFilePath, "filecontents", tmpCfgFileContents);
-
- if (result == null || result.isEmpty()) {
- return new Answer(cmd, false, "LoadBalancerConfigCommand failed to create HA proxy cfg file.");
- }
-
- String[][] rules = cfgtr.generateFwRules(cmd);
-
- String[] addRules = rules[LoadBalancerConfigurator.ADD];
- String[] removeRules = rules[LoadBalancerConfigurator.REMOVE];
- String[] statRules = rules[LoadBalancerConfigurator.STATS];
-
- String ip = cmd.getNic().getIp();
- String args = "-i " + ip;
- StringBuilder sb = new StringBuilder();
- if (addRules.length > 0) {
- for (int i = 0; i < addRules.length; i++) {
- sb.append(addRules[i]).append(',');
- }
-
- args += " -a " + sb.toString();
- }
-
- sb = new StringBuilder();
- if (removeRules.length > 0) {
- for (int i = 0; i < removeRules.length; i++) {
- sb.append(removeRules[i]).append(',');
- }
-
- args += " -d " + sb.toString();
- }
-
- sb = new StringBuilder();
- if (statRules.length > 0) {
- for (int i = 0; i < statRules.length; i++) {
- sb.append(statRules[i]).append(',');
- }
-
- args += " -s " + sb.toString();
- }
-
- result = routerProxy("vpc_loadbalancer.sh", cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP), args);
-
- if (result == null || result.isEmpty()) {
- return new Answer(cmd, false, "LoadBalancerConfigCommand failed");
- }
- return new Answer(cmd);
- }
-
protected Answer execute(final CreateIpAliasCommand cmd) {
String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
List<IpAliasTO> ipAliasTOs = cmd.getIpAliasList();
@@ -2244,11 +2179,12 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
}
- protected Answer execute(final LoadBalancerConfigCommand cmd) {
- if (cmd.getVpcId() != null) {
- return VPCLoadBalancerConfig(cmd);
- }
+ protected String createFileInVR(String routerIp, String path, String content) {
Connection conn = getConnection();
+ return callHostPlugin(conn, "vmops", "createFileInDomr", "domrip", routerIp, "filepath", path, "filecontents", content);
+ }
+
+ protected Answer execute(final LoadBalancerConfigCommand cmd) {
String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
if (routerIp == null) {
@@ -2257,29 +2193,26 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
LoadBalancerConfigurator cfgtr = new HAProxyConfigurator();
String[] config = cfgtr.generateConfiguration(cmd);
-
- String[][] rules = cfgtr.generateFwRules(cmd);
- String tmpCfgFilePath = "/tmp/" + routerIp.replace('.', '_') + ".cfg";
String tmpCfgFileContents = "";
for (int i = 0; i < config.length; i++) {
tmpCfgFileContents += config[i];
tmpCfgFileContents += "\n";
}
-
- String result = callHostPlugin(conn, "vmops", "createFile", "filepath", tmpCfgFilePath, "filecontents", tmpCfgFileContents);
+ String tmpCfgFilePath = "/etc/haproxy/haproxy.cfg.new";
+ String result = createFileInVR(routerIp, tmpCfgFilePath, tmpCfgFileContents);
if (result == null || result.isEmpty()) {
return new Answer(cmd, false, "LoadBalancerConfigCommand failed to create HA proxy cfg file.");
}
+ String[][] rules = cfgtr.generateFwRules(cmd);
+
String[] addRules = rules[LoadBalancerConfigurator.ADD];
String[] removeRules = rules[LoadBalancerConfigurator.REMOVE];
String[] statRules = rules[LoadBalancerConfigurator.STATS];
- String args = "";
- args += "-i " + routerIp;
- args += " -f " + tmpCfgFilePath;
-
+ String ip = cmd.getNic().getIp();
+ String args = " -i " + ip;
StringBuilder sb = new StringBuilder();
if (addRules.length > 0) {
for (int i = 0; i < addRules.length; i++) {
@@ -2307,14 +2240,17 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
args += " -s " + sb.toString();
}
- result = callHostPlugin(conn, "vmops", "setLoadBalancerRule", "args", args);
+ if (cmd.getVpcId() == null) {
+ args = " -i " + routerIp + args;
+ result = routerProxy("loadbalancer.sh", routerIp, args);
+ } else {
+ args = " -i " + cmd.getNic().getIp() + args;
+ result = routerProxy("vpc_loadbalancer.sh", routerIp, args);
+ }
if (result == null || result.isEmpty()) {
return new Answer(cmd, false, "LoadBalancerConfigCommand failed");
}
-
- callHostPlugin(conn, "vmops", "deleteFile", "filepath", tmpCfgFilePath);
-
return new Answer(cmd);
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/scripts/network/domr/call_loadbalancer.sh
----------------------------------------------------------------------
diff --git a/scripts/network/domr/call_loadbalancer.sh b/scripts/network/domr/call_loadbalancer.sh
deleted file mode 100755
index 070947c..0000000
--- a/scripts/network/domr/call_loadbalancer.sh
+++ /dev/null
@@ -1,101 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-# $Id: call_loadbalancer.sh 9132 2010-06-04 20:17:43Z manuel $ $HeadURL: svn://svn.lab.vmops.com/repos/branches/2.0.0/java/scripts/vm/hypervisor/xenserver/patch/call_loadbalancer.sh $
-# loadbalancer.sh -- reconfigure loadbalancer rules
-
-usage() {
- printf "Usage: %s: -i <domR eth1 ip> -a <added public ip address> -d <removed> -f <load balancer config> -s <stats guest ip >\n" $(basename $0) >&2
-}
-
-set -x
-
-check_gw() {
- ping -c 1 -n -q $1 > /dev/null
- if [ $? -gt 0 ]
- then
- sleep 1
- ping -c 1 -n -q $1 > /dev/null
- fi
- return $?;
-}
-
-copy_haproxy() {
- local domRIp=$1
- local cfg=$2
-
- scp -P 3922 -q -o StrictHostKeyChecking=no -i $cert $cfg root@$domRIp:/etc/haproxy/haproxy.cfg.new
- return $?
-}
-
-iflag=
-aflag=
-dflag=
-fflag=
-sflag=
-
-while getopts 'i:a:d:f:s:' OPTION
-do
- case $OPTION in
- i) iflag=1
- domRIp="$OPTARG"
- ;;
- a) aflag=1
- addedIps="$OPTARG"
- ;;
- d) dflag=1
- removedIps="$OPTARG"
- ;;
- f) fflag=1
- cfgfile="$OPTARG"
- ;;
- s) sflag=1
- statsIps="$OPTARG"
- ;;
- ?) usage
- exit 2
- ;;
- esac
-done
-
-cert="/root/.ssh/id_rsa.cloud"
-
-if [ "$iflag$fflag" != "11" ]
-then
- usage
- exit 2
-fi
-
-# Check if DomR is up and running. If it isn't, exit 1.
-check_gw "$domRIp"
-if [ $? -gt 0 ]
-then
- exit 1
-fi
-
-copy_haproxy $domRIp $cfgfile
-
-if [ $? -gt 0 ]
-then
- printf "Reconfiguring loadbalancer failed\n"
- exit 1
-fi
-
-ssh -p 3922 -q -o StrictHostKeyChecking=no -i $cert root@$domRIp "/root/loadbalancer.sh $*"
-exit $?
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/scripts/vm/hypervisor/xenserver/vmops
----------------------------------------------------------------------
diff --git a/scripts/vm/hypervisor/xenserver/vmops b/scripts/vm/hypervisor/xenserver/vmops
index 82d4a9f..96b7866 100755
--- a/scripts/vm/hypervisor/xenserver/vmops
+++ b/scripts/vm/hypervisor/xenserver/vmops
@@ -239,21 +239,6 @@ def routerProxy(session, args):
return txt
@echo
-def setLoadBalancerRule(session, args):
- sargs = args['args']
- cmd = sargs.split(' ')
- cmd.insert(0, "/opt/cloud/bin/call_loadbalancer.sh")
- cmd.insert(0, "/bin/bash")
- try:
- txt = util.pread2(cmd)
- txt = 'success'
- except:
- logging.debug(" set loadbalancer rule failed " )
- txt = ''
-
- return txt
-
-@echo
def createFile(session, args):
file_path = args['filepath']
file_contents = args['filecontents']
@@ -1540,7 +1525,7 @@ if __name__ == "__main__":
"setIptables": setIptables, "pingdomr": pingdomr, "pingxenserver": pingxenserver,
"savePassword": savePassword,
"routerProxy": routerProxy,
- "setLoadBalancerRule": setLoadBalancerRule, "createFile": createFile, "deleteFile": deleteFile,
+ "createFile": createFile, "deleteFile": deleteFile,
"network_rules":network_rules,
"can_bridge_firewall":can_bridge_firewall, "default_network_rules":default_network_rules,
"destroy_network_rules_for_vm":destroy_network_rules_for_vm,
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh b/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh
new file mode 100755
index 0000000..2c7f77a
--- /dev/null
+++ b/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh
@@ -0,0 +1,320 @@
+#!/usr/bin/env bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+
+
+# $Id: loadbalancer.sh 9947 2010-06-25 19:34:24Z manuel $ $HeadURL: svn://svn.lab.vmops.com/repos/vmdev/java/patches/xenserver/root/loadbalancer.sh $
+# loadbalancer.sh -- reconfigure loadbalancer rules
+# @VERSION@
+
+source /root/func.sh
+
+lock="biglock"
+locked=$(getLockFile $lock)
+if [ "$locked" != "1" ]
+then
+ exit 1
+fi
+
+usage() {
+ printf "Usage: %s: -i <domR eth1 ip> -a <added public ip address ip:port> -d <removed ip:port> -f <load balancer config> -s <stats ip ip:port:cidr> \n" $(basename $0) >&2
+}
+
+# set -x
+
+# ensure that the nic has the public ip we are load balancing on
+ip_entry() {
+ local added=$1
+ local removed=$2
+
+ if [ "$added" == "none" ]
+ then
+ added=""
+ fi
+
+ if [ "$removed" == "none" ]
+ then
+ removed=""
+ fi
+
+ local a=$(echo $added | cut -d, -f1- --output-delimiter=" ")
+ local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ")
+
+ for i in $a
+ do
+ local pubIp=$(echo $i | cut -d: -f1)
+ logger -t cloud "Adding public ip $pubIp for load balancing"
+ for vif in $VIF_LIST; do
+ sudo ip addr add dev $vif $pubIp/32
+ #ignore error since it is because the ip is already there
+ done
+ done
+
+ for i in $r
+ do
+ logger -t cloud "Removing public ips for deleted loadbalancers"
+ local pubIp=$(echo $i | cut -d: -f1)
+ logger -t cloud "Removing public ip $pubIp for deleted loadbalancers"
+ for vif in $VIF_LIST; do
+ sudo ip addr del $pubIp/32 dev $vif
+ done
+ done
+
+ return 0
+}
+get_lb_vif_list() {
+# add eth0 to the VIF_LIST if it is not there, this allows guest VMs to use the LB service.
+ local lb_list="$VIF_LIST eth0";
+ lb_list=$(echo $lb_list | tr " " "\n" | sort | uniq | tr "\n" " ")
+ echo $lb_list
+}
+fw_remove_backup() {
+ local lb_vif_list=$(get_lb_vif_list)
+ for vif in $lb_vif_list; do
+ sudo iptables -F back_load_balancer_$vif 2> /dev/null
+ sudo iptables -D INPUT -i $vif -p tcp -j back_load_balancer_$vif 2> /dev/null
+ sudo iptables -X back_load_balancer_$vif 2> /dev/null
+ done
+ sudo iptables -F back_lb_stats 2> /dev/null
+ sudo iptables -D INPUT -p tcp -j back_lb_stats 2> /dev/null
+ sudo iptables -X back_lb_stats 2> /dev/null
+}
+fw_restore() {
+ local lb_vif_list=$(get_lb_vif_list)
+ for vif in $lb_vif_list; do
+ sudo iptables -F load_balancer_$vif 2> /dev/null
+ sudo iptables -D INPUT -i $vif -p tcp -j load_balancer_$vif 2> /dev/null
+ sudo iptables -X load_balancer_$vif 2> /dev/null
+ sudo iptables -E back_load_balancer_$vif load_balancer_$vif 2> /dev/null
+ done
+ sudo iptables -F lb_stats 2> /dev/null
+ sudo iptables -D INPUT -p tcp -j lb_stats 2> /dev/null
+ sudo iptables -X lb_stats 2> /dev/null
+ sudo iptables -E back_lb_stats lb_stats 2> /dev/null
+}
+# firewall entry to ensure that haproxy can receive on specified port
+fw_entry() {
+ local added=$1
+ local removed=$2
+ local stats=$3
+
+ if [ "$added" == "none" ]
+ then
+ added=""
+ fi
+
+ if [ "$removed" == "none" ]
+ then
+ removed=""
+ fi
+
+ local a=$(echo $added | cut -d, -f1- --output-delimiter=" ")
+ local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ")
+
+# back up the iptable rules by renaming before creating new.
+ local lb_vif_list=$(get_lb_vif_list)
+ for vif in $lb_vif_list; do
+ sudo iptables -E load_balancer_$vif back_load_balancer_$vif 2> /dev/null
+ sudo iptables -N load_balancer_$vif 2> /dev/null
+ sudo iptables -A INPUT -i $vif -p tcp -j load_balancer_$vif
+ done
+ sudo iptables -E lb_stats back_lb_stats 2> /dev/null
+ sudo iptables -N lb_stats 2> /dev/null
+ sudo iptables -A INPUT -p tcp -j lb_stats
+
+ for i in $a
+ do
+ local pubIp=$(echo $i | cut -d: -f1)
+ local dport=$(echo $i | cut -d: -f2)
+ local lb_vif_list=$(get_lb_vif_list)
+ for vif in $lb_vif_list; do
+
+#TODO : The below delete will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future.
+ sudo iptables -D INPUT -i $vif -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null
+
+ sudo iptables -A load_balancer_$vif -p tcp -d $pubIp --dport $dport -j ACCEPT
+
+ if [ $? -gt 0 ]
+ then
+ return 1
+ fi
+ done
+ done
+ local pubIp=$(echo $stats | cut -d: -f1)
+ local dport=$(echo $stats | cut -d: -f2)
+ local cidrs=$(echo $stats | cut -d: -f3 | sed 's/-/,/')
+ sudo iptables -A lb_stats -s $cidrs -p tcp -m state --state NEW -d $pubIp --dport $dport -j ACCEPT
+
+
+#TODO : The below delete in the for-loop will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future.
+ for i in $r
+ do
+ local pubIp=$(echo $i | cut -d: -f1)
+ local dport=$(echo $i | cut -d: -f2)
+
+ for vif in $VIF_LIST; do
+ sudo iptables -D INPUT -i $vif -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null
+ done
+ done
+
+ return 0
+}
+
+#Hot reconfigure HA Proxy in the routing domain
+reconfig_lb() {
+ /root/reconfigLB.sh
+ return $?
+}
+
+# Restore the HA Proxy to its previous state, and revert iptables rules on DomR
+restore_lb() {
+ logger -t cloud "Restoring HA Proxy to previous state"
+ # Copy the old version of haproxy.cfg into the file that reconfigLB.sh uses
+ cp /etc/haproxy/haproxy.cfg.old /etc/haproxy/haproxy.cfg.new
+
+ if [ $? -eq 0 ]
+ then
+ # Run reconfigLB.sh again
+ /root/reconfigLB.sh
+ fi
+}
+
+get_vif_list() {
+ local vif_list=""
+ for i in /sys/class/net/eth*; do
+ vif=$(basename $i);
+ if [ "$vif" != "eth0" ] && [ "$vif" != "eth1" ]
+ then
+ vif_list="$vif_list $vif";
+ fi
+ done
+ if [ "$vif_list" == "" ]
+ then
+ vif_list="eth0"
+ fi
+
+ logger -t cloud "Loadbalancer public interfaces = $vif_list"
+ echo $vif_list
+}
+
+mflag=
+iflag=
+aflag=
+dflag=
+fflag=
+sflag=
+
+while getopts 'i:a:d:f:s:' OPTION
+do
+ case $OPTION in
+ i) iflag=1
+ domRIp="$OPTARG"
+ ;;
+ a) aflag=1
+ addedIps="$OPTARG"
+ ;;
+ d) dflag=1
+ removedIps="$OPTARG"
+ ;;
+ f) fflag=1
+ cfgfile="$OPTARG"
+ ;;
+
+ s) sflag=1
+ statsIp="$OPTARG"
+ ;;
+ ?) usage
+ unlock_exit 2 $lock $locked
+ ;;
+ esac
+done
+
+if [ "$addedIps" == "" ]
+then
+ addedIps="none"
+fi
+
+
+if [ "$removedIps" == "" ]
+then
+ removedIps="none"
+fi
+
+VIF_LIST=$(get_vif_list)
+
+
+if [ "$addedIps" == "" ]
+then
+ addedIps="none"
+fi
+
+if [ "$removedIps" == "" ]
+then
+ removedIps="none"
+fi
+
+#FIXME: make this explicit via check on vm type or passed in flag
+if [ "$VIF_LIST" == "eth0" ]
+then
+ ip_entry $addedIps $removedIps
+fi
+
+# hot reconfigure haproxy
+reconfig_lb $cfgfile
+
+if [ $? -gt 0 ]
+then
+ logger -t cloud "Reconfiguring loadbalancer failed"
+ #FIXME: make this explicit via check on vm type or passed in flag
+ if [ "$VIF_LIST" == "eth0" ]
+ then
+ ip_entry $removedIps $addedIps
+ fi
+ unlock_exit 1 $lock $locked
+fi
+
+# iptables entry to ensure that haproxy receives traffic
+fw_entry $addedIps $removedIps $statsIp
+
+if [ $? -gt 0 ]
+then
+ logger -t cloud "Failed to apply firewall rules for load balancing, reverting HA Proxy config"
+ # Restore the LB
+ restore_lb
+
+
+ logger -t cloud "Reverting firewall config"
+ # Revert iptables rules on DomR
+ fw_restore
+
+ #FIXME: make this explicit via check on vm type or passed in flag
+ if [ "$VIF_LIST" == "eth0" ]
+ then
+ logger -t cloud "Reverting ip address changes to eth0"
+ ip_entry $removedIps $addedIps
+ fi
+
+ unlock_exit 1 $lock $locked
+else
+ # Remove backedup iptable rules
+ fw_remove_backup
+fi
+
+unlock_exit 0 $lock $locked
+
+
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/systemvm/patches/debian/config/root/loadbalancer.sh
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/root/loadbalancer.sh b/systemvm/patches/debian/config/root/loadbalancer.sh
deleted file mode 100755
index 2c7f77a..0000000
--- a/systemvm/patches/debian/config/root/loadbalancer.sh
+++ /dev/null
@@ -1,320 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-
-# $Id: loadbalancer.sh 9947 2010-06-25 19:34:24Z manuel $ $HeadURL: svn://svn.lab.vmops.com/repos/vmdev/java/patches/xenserver/root/loadbalancer.sh $
-# loadbalancer.sh -- reconfigure loadbalancer rules
-# @VERSION@
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
- exit 1
-fi
-
-usage() {
- printf "Usage: %s: -i <domR eth1 ip> -a <added public ip address ip:port> -d <removed ip:port> -f <load balancer config> -s <stats ip ip:port:cidr> \n" $(basename $0) >&2
-}
-
-# set -x
-
-# ensure that the nic has the public ip we are load balancing on
-ip_entry() {
- local added=$1
- local removed=$2
-
- if [ "$added" == "none" ]
- then
- added=""
- fi
-
- if [ "$removed" == "none" ]
- then
- removed=""
- fi
-
- local a=$(echo $added | cut -d, -f1- --output-delimiter=" ")
- local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ")
-
- for i in $a
- do
- local pubIp=$(echo $i | cut -d: -f1)
- logger -t cloud "Adding public ip $pubIp for load balancing"
- for vif in $VIF_LIST; do
- sudo ip addr add dev $vif $pubIp/32
- #ignore error since it is because the ip is already there
- done
- done
-
- for i in $r
- do
- logger -t cloud "Removing public ips for deleted loadbalancers"
- local pubIp=$(echo $i | cut -d: -f1)
- logger -t cloud "Removing public ip $pubIp for deleted loadbalancers"
- for vif in $VIF_LIST; do
- sudo ip addr del $pubIp/32 dev $vif
- done
- done
-
- return 0
-}
-get_lb_vif_list() {
-# add eth0 to the VIF_LIST if it is not there, this allows guest VMs to use the LB service.
- local lb_list="$VIF_LIST eth0";
- lb_list=$(echo $lb_list | tr " " "\n" | sort | uniq | tr "\n" " ")
- echo $lb_list
-}
-fw_remove_backup() {
- local lb_vif_list=$(get_lb_vif_list)
- for vif in $lb_vif_list; do
- sudo iptables -F back_load_balancer_$vif 2> /dev/null
- sudo iptables -D INPUT -i $vif -p tcp -j back_load_balancer_$vif 2> /dev/null
- sudo iptables -X back_load_balancer_$vif 2> /dev/null
- done
- sudo iptables -F back_lb_stats 2> /dev/null
- sudo iptables -D INPUT -p tcp -j back_lb_stats 2> /dev/null
- sudo iptables -X back_lb_stats 2> /dev/null
-}
-fw_restore() {
- local lb_vif_list=$(get_lb_vif_list)
- for vif in $lb_vif_list; do
- sudo iptables -F load_balancer_$vif 2> /dev/null
- sudo iptables -D INPUT -i $vif -p tcp -j load_balancer_$vif 2> /dev/null
- sudo iptables -X load_balancer_$vif 2> /dev/null
- sudo iptables -E back_load_balancer_$vif load_balancer_$vif 2> /dev/null
- done
- sudo iptables -F lb_stats 2> /dev/null
- sudo iptables -D INPUT -p tcp -j lb_stats 2> /dev/null
- sudo iptables -X lb_stats 2> /dev/null
- sudo iptables -E back_lb_stats lb_stats 2> /dev/null
-}
-# firewall entry to ensure that haproxy can receive on specified port
-fw_entry() {
- local added=$1
- local removed=$2
- local stats=$3
-
- if [ "$added" == "none" ]
- then
- added=""
- fi
-
- if [ "$removed" == "none" ]
- then
- removed=""
- fi
-
- local a=$(echo $added | cut -d, -f1- --output-delimiter=" ")
- local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ")
-
-# back up the iptable rules by renaming before creating new.
- local lb_vif_list=$(get_lb_vif_list)
- for vif in $lb_vif_list; do
- sudo iptables -E load_balancer_$vif back_load_balancer_$vif 2> /dev/null
- sudo iptables -N load_balancer_$vif 2> /dev/null
- sudo iptables -A INPUT -i $vif -p tcp -j load_balancer_$vif
- done
- sudo iptables -E lb_stats back_lb_stats 2> /dev/null
- sudo iptables -N lb_stats 2> /dev/null
- sudo iptables -A INPUT -p tcp -j lb_stats
-
- for i in $a
- do
- local pubIp=$(echo $i | cut -d: -f1)
- local dport=$(echo $i | cut -d: -f2)
- local lb_vif_list=$(get_lb_vif_list)
- for vif in $lb_vif_list; do
-
-#TODO : The below delete will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future.
- sudo iptables -D INPUT -i $vif -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null
-
- sudo iptables -A load_balancer_$vif -p tcp -d $pubIp --dport $dport -j ACCEPT
-
- if [ $? -gt 0 ]
- then
- return 1
- fi
- done
- done
- local pubIp=$(echo $stats | cut -d: -f1)
- local dport=$(echo $stats | cut -d: -f2)
- local cidrs=$(echo $stats | cut -d: -f3 | sed 's/-/,/')
- sudo iptables -A lb_stats -s $cidrs -p tcp -m state --state NEW -d $pubIp --dport $dport -j ACCEPT
-
-
-#TODO : The below delete in the for-loop will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future.
- for i in $r
- do
- local pubIp=$(echo $i | cut -d: -f1)
- local dport=$(echo $i | cut -d: -f2)
-
- for vif in $VIF_LIST; do
- sudo iptables -D INPUT -i $vif -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null
- done
- done
-
- return 0
-}
-
-#Hot reconfigure HA Proxy in the routing domain
-reconfig_lb() {
- /root/reconfigLB.sh
- return $?
-}
-
-# Restore the HA Proxy to its previous state, and revert iptables rules on DomR
-restore_lb() {
- logger -t cloud "Restoring HA Proxy to previous state"
- # Copy the old version of haproxy.cfg into the file that reconfigLB.sh uses
- cp /etc/haproxy/haproxy.cfg.old /etc/haproxy/haproxy.cfg.new
-
- if [ $? -eq 0 ]
- then
- # Run reconfigLB.sh again
- /root/reconfigLB.sh
- fi
-}
-
-get_vif_list() {
- local vif_list=""
- for i in /sys/class/net/eth*; do
- vif=$(basename $i);
- if [ "$vif" != "eth0" ] && [ "$vif" != "eth1" ]
- then
- vif_list="$vif_list $vif";
- fi
- done
- if [ "$vif_list" == "" ]
- then
- vif_list="eth0"
- fi
-
- logger -t cloud "Loadbalancer public interfaces = $vif_list"
- echo $vif_list
-}
-
-mflag=
-iflag=
-aflag=
-dflag=
-fflag=
-sflag=
-
-while getopts 'i:a:d:f:s:' OPTION
-do
- case $OPTION in
- i) iflag=1
- domRIp="$OPTARG"
- ;;
- a) aflag=1
- addedIps="$OPTARG"
- ;;
- d) dflag=1
- removedIps="$OPTARG"
- ;;
- f) fflag=1
- cfgfile="$OPTARG"
- ;;
-
- s) sflag=1
- statsIp="$OPTARG"
- ;;
- ?) usage
- unlock_exit 2 $lock $locked
- ;;
- esac
-done
-
-if [ "$addedIps" == "" ]
-then
- addedIps="none"
-fi
-
-
-if [ "$removedIps" == "" ]
-then
- removedIps="none"
-fi
-
-VIF_LIST=$(get_vif_list)
-
-
-if [ "$addedIps" == "" ]
-then
- addedIps="none"
-fi
-
-if [ "$removedIps" == "" ]
-then
- removedIps="none"
-fi
-
-#FIXME: make this explicit via check on vm type or passed in flag
-if [ "$VIF_LIST" == "eth0" ]
-then
- ip_entry $addedIps $removedIps
-fi
-
-# hot reconfigure haproxy
-reconfig_lb $cfgfile
-
-if [ $? -gt 0 ]
-then
- logger -t cloud "Reconfiguring loadbalancer failed"
- #FIXME: make this explicit via check on vm type or passed in flag
- if [ "$VIF_LIST" == "eth0" ]
- then
- ip_entry $removedIps $addedIps
- fi
- unlock_exit 1 $lock $locked
-fi
-
-# iptables entry to ensure that haproxy receives traffic
-fw_entry $addedIps $removedIps $statsIp
-
-if [ $? -gt 0 ]
-then
- logger -t cloud "Failed to apply firewall rules for load balancing, reverting HA Proxy config"
- # Restore the LB
- restore_lb
-
-
- logger -t cloud "Reverting firewall config"
- # Revert iptables rules on DomR
- fw_restore
-
- #FIXME: make this explicit via check on vm type or passed in flag
- if [ "$VIF_LIST" == "eth0" ]
- then
- logger -t cloud "Reverting ip address changes to eth0"
- ip_entry $removedIps $addedIps
- fi
-
- unlock_exit 1 $lock $locked
-else
- # Remove backedup iptable rules
- fw_remove_backup
-fi
-
-unlock_exit 0 $lock $locked
-
-