diff options
25 files changed, 129 insertions, 33 deletions
diff --git a/scripts/keepalived/VyattaKeepalived.pm b/scripts/keepalived/VyattaKeepalived.pm index ae7a831e..70665638 100755 --- a/scripts/keepalived/VyattaKeepalived.pm +++ b/scripts/keepalived/VyattaKeepalived.pm @@ -64,7 +64,8 @@ sub is_running { sub start_daemon { my ($conf) = @_; - my $cmd = "$daemon --vrrp --log-facility 7 --log-detail --dump-conf --use-file $conf"; + my $cmd = "$daemon --vrrp --log-facility 7 --log-detail --dump-conf"; + $cmd .= " --use-file $conf"; system($cmd); vrrp_log("start_daemon"); } @@ -123,34 +124,32 @@ sub get_state_files { if ($group eq "all") { open($LS,"ls $state_dir |grep '^vrrpd_$intf.*\.state\$' | sort |"); } else { - open($LS,"ls $state_dir |grep '^vrrpd_$intf.\_$group\.state\$' | sort |"); + my $intf_group = $intf . "_" . $group . ".state"; + open($LS, + "ls $state_dir |grep '^vrrpd_$intf_group\$' | sort |"); } @state_files = <$LS>; close($LS); foreach my $i (0 .. $#state_files) { $state_files[$i] = "$state_dir/$state_files[$i]"; } - chomp @state_files; + chomp @state_files; return @state_files; } -sub get_vips_per_intf { - my ($intf) = @_; - - my $config = new VyattaConfig; - my @groups = (); - - $config->setLevel("interfaces ethernet $intf vrrp vrrp-group"); - @groups = $config->listOrigNodes(); - return scalar(@groups); -} - sub vrrp_get_config { my ($intf, $group) = @_; + my $path; my $config = new VyattaConfig; + + if ($intf =~ m/(eth\d+)\.(\d+)/) { + $path = "interfaces ethernet $1 vif $2"; + } else { + $path = "interfaces ethernet $intf"; + } - $config->setLevel("interfaces ethernet $intf"); + $config->setLevel($path); my $primary_addr = $config->returnOrigValue("address"); if (!defined $primary_addr) { $primary_addr = "0.0.0.0"; @@ -160,7 +159,7 @@ sub vrrp_get_config { $primary_addr = $1; } - $config->setLevel("interfaces ethernet $intf vrrp vrrp-group $group"); + $config->setLevel("$path vrrp vrrp-group $group"); my @vips = $config->returnOrigValues("virtual-address"); my $priority = $config->returnOrigValue("priority"); if (!defined $priority) { @@ -174,13 +173,12 @@ sub vrrp_get_config { if (!defined $advert_int) { $advert_int = 1; } - $config->setLevel("interfaces ethernet $intf vrrp vrrp-group $group authentication"); + $config->setLevel("$path vrrp vrrp-group $group authentication"); my $auth_type = $config->returnOrigValue("type"); if (!defined $auth_type) { $auth_type = "none"; - } else { - $auth_type = uc($auth_type); - } + } + return ($primary_addr, $priority, $preempt, $advert_int, $auth_type, @vips); } diff --git a/scripts/keepalived/vyatta-keepalived.pl b/scripts/keepalived/vyatta-keepalived.pl index 7555d183..f024f88a 100755 --- a/scripts/keepalived/vyatta-keepalived.pl +++ b/scripts/keepalived/vyatta-keepalived.pl @@ -37,18 +37,18 @@ use warnings; my %HoA_sync_groups; sub keepalived_get_values { - my ($intf) = @_; + my ($intf, $path) = @_; my $output = ''; my $config = new VyattaConfig; my $state_transition_script = VyattaKeepalived::get_state_script(); - $config->setLevel("interfaces ethernet $intf vrrp vrrp-group"); + $config->setLevel("$path vrrp vrrp-group"); my @groups = $config->listNodes(); foreach my $group (@groups) { my $vrrp_instance = "vyatta-$intf-$group"; - $config->setLevel("interfaces ethernet $intf vrrp vrrp-group $group"); + $config->setLevel("$path vrrp vrrp-group $group"); my @vips = $config->returnValues("virtual-address"); if (scalar(@vips) == 0) { print "must define a virtual-address for vrrp-group $group\n"; @@ -71,10 +71,11 @@ sub keepalived_get_values { push @{ $HoA_sync_groups{$sync_group} }, $vrrp_instance; } - $config->setLevel("interfaces ethernet $intf vrrp vrrp-group $group authentication"); + $config->setLevel("$path vrrp vrrp-group $group authentication"); my $auth_type = $config->returnValue("type"); my $auth_pass; if (defined $auth_type) { + $auth_type = "PASS" if $auth_type eq "simple"; $auth_type = uc($auth_type); $auth_pass = $config->returnValue("password"); if (! defined $auth_pass) { @@ -138,16 +139,29 @@ sub vrrp_update_config { my $config = new VyattaConfig; - # todo: support vifs $config->setLevel("interfaces ethernet"); my @eths = $config->listNodes(); my $vrrp_instances = 0; foreach my $eth (@eths) { - $config->setLevel("interfaces ethernet $eth"); + my $path = "interfaces ethernet $eth"; + $config->setLevel($path); if ($config->exists("vrrp")) { - $output .= keepalived_get_values($eth); + $output .= keepalived_get_values($eth, $path); $vrrp_instances++; } + if ($config->exists("vif")) { + my $path = "interfaces ethernet $eth vif"; + $config->setLevel($path); + my @vifs = $config->listNodes(); + foreach my $vif (@vifs) { + my $vif_path = "$path $vif"; + $config->setLevel($vif_path); + if ($config->exists("vrrp")) { + $output .= keepalived_get_values("$eth.$vif", $vif_path); + $vrrp_instances++; + } + } + } } if ($vrrp_instances > 0) { @@ -199,7 +213,7 @@ if ($action eq "delete") { exit 1; } my $state_file = VyattaKeepalived::get_state_file($vrrp_intf, $vrrp_group); - system("rm $state_file"); + system("rm -f $state_file"); VyattaKeepalived::vrrp_log("vrrp delete $vrrp_intf $vrrp_group"); exit 0; } diff --git a/scripts/keepalived/vyatta-show-vrrp.pl b/scripts/keepalived/vyatta-show-vrrp.pl index 9228eeeb..93c1ecd2 100755 --- a/scripts/keepalived/vyatta-show-vrrp.pl +++ b/scripts/keepalived/vyatta-show-vrrp.pl @@ -149,7 +149,7 @@ sub vrrp_show { # my $intf = "eth"; my $group = "all"; -if ($#ARGV == 0) { +if ($#ARGV >= 0) { $intf = $ARGV[0]; } if ($#ARGV == 1) { diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/bridge/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/bridge/node.def new file mode 100644 index 00000000..d655f6bc --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/bridge/node.def @@ -0,0 +1,12 @@ +type: txt +help: "Add this interface to a bridge-group" +syntax: exec " \ + if [ -z \"`sudo brctl show | grep $(@) `\" ]; then \ + echo bridge interface $(@) doesn\\'t exist on this system ; \ + exit 1 ; \ + fi ; " +update: "sudo brctl addif $(@) $(../../../../@).$(../../@)" +delete: "sudo brctl delif $(@) $(../../../../@).$(../../@)" +#allowed: local -a array ; +# array=( /sys/class/net/br* ) ; +# echo -n ${array[@]##*/} diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/cost/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/cost/node.def new file mode 100644 index 00000000..1c2bbde1 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/cost/node.def @@ -0,0 +1,4 @@ +type: u32 +help: "Set the path cost for this port" +commit: $(../bridge/) != ""; "Must configure bridge interface" +update: "sudo brctl setpathcost $(../../@) $(@)" diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/node.def new file mode 100644 index 00000000..b76b5d71 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/node.def @@ -0,0 +1,2 @@ +help: "Add this interface to a bridge group" +commit: $(./bridge/) != ""; "Must set the bridge interface" diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/priority/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/priority/node.def new file mode 100644 index 00000000..d254b082 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/bridge-group/priority/node.def @@ -0,0 +1,4 @@ +type: u32 +help: "Set the path priority for this port" +commit: $(../bridge/) != ""; "Must configure bridge interface" +update: "sudo brctl setportprio $(../../@) $(@)" diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/node.def new file mode 100644 index 00000000..b21963c6 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/node.def @@ -0,0 +1,3 @@ +help: "Configure VRRP" +commit: $(../address/) != ""; "Must define a primary IP address on $(../../@) vif $(../@)" +end: "sudo /opt/vyatta/sbin/vyatta-keepalived.pl --vrrp-action update --intf $(../../@).$(../@) " diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.def new file mode 100644 index 00000000..e3e0b083 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.def @@ -0,0 +1,8 @@ +tag: +type: u32 +syntax: $(@) >= 0 && $(@) <= 255; "VRRP group must be between 1-255" +commit: $(virtual-address/) != ""; "Must define the virtual-address for vrrp-group $(@)" +help: "Configure VRRP group number" +delete: "sudo /opt/vyatta/sbin/vyatta-keepalived.pl --vrrp-action delete --intf $(../../../@).$(../../@) --group $(@) " +#comp_help: possible completions +# <1-255> VRRP group number diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def new file mode 100644 index 00000000..12c9f0f4 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def @@ -0,0 +1,6 @@ +type: u32 +default: 1 +help: "Configure advertise interval" +syntax: $(@) >= 1 && $(@) <=255; "Advertise interval must be between 1-255" +#comp_help: possible completions +# <1-255> Set advertise interval (default 1) diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/node.def new file mode 100644 index 00000000..e3120d51 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/node.def @@ -0,0 +1,3 @@ +help: "Configure authentication" +commit: $(./type/@) != ""; "You must set a authentication type" +commit: $(./password/@) != ""; "You must set a authentication password" diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/password/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/password/node.def new file mode 100644 index 00000000..87855962 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/password/node.def @@ -0,0 +1,2 @@ +type: txt +help: "Password text" diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def new file mode 100644 index 00000000..9f624356 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def @@ -0,0 +1,6 @@ +type: txt +help: "Authentication type" +syntax: $(@) in "simple", "AH", "ah"; "authentication must be simple or AH" +#comp_help: possible completions: +# simple Set simple password mode +# AH Set IP Authentication Header mode diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/description/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/description/node.def new file mode 100644 index 00000000..d457185a --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/description/node.def @@ -0,0 +1,2 @@ +type: txt +help: "Description for this interface" diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/node.def new file mode 100644 index 00000000..a4f3c074 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/node.def @@ -0,0 +1 @@ +help: "VRRP configuration for this VRRP group" diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def new file mode 100644 index 00000000..a0b0efa2 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def @@ -0,0 +1,7 @@ +type: txt +help: "Preempt mode" +default: "true" +syntax: $(@) in "true", "false"; "preempt must be true or false" +#comp_help: possible completions: +# true (default) +# false diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/priority/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/priority/node.def new file mode 100644 index 00000000..413bba15 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/priority/node.def @@ -0,0 +1,5 @@ +type: u32 +syntax: $(@) >= 0 &&$(@) <= 255; "priority must be between 1-255" +help: "Priority" +#comp_help: possible completions: +# <1-255> Set Priority diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/sync-group/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/sync-group/node.def new file mode 100644 index 00000000..5fa24b92 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/sync-group/node.def @@ -0,0 +1,2 @@ +type: txt +help: "Add this vrrp group to a sync group" diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def new file mode 100644 index 00000000..bcf9392f --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def @@ -0,0 +1,3 @@ +multi: +type: ipv4 +help: "Configure virtual address" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.def index dfb9c6a2..a61a022f 100644 --- a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.def +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.def @@ -4,3 +4,5 @@ syntax: $(@) >= 0 && $(@) <= 255; "VRRP group must be between 1-255" commit: $(virtual-address/) != ""; "Must define the virtual-address for vrrp-group $(@)" help: "Configure VRRP group number" delete: "sudo /opt/vyatta/sbin/vyatta-keepalived.pl --vrrp-action delete --intf $(../../@) --group $(@) " +#comp_help: possible completions +# <1-255> VRRP group number diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def index edfbc3a4..12c9f0f4 100644 --- a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def @@ -1,4 +1,6 @@ type: u32 default: 1 help: "Configure advertise interval" -syntax: $(@) > 0 && $(@) <=255; "Advertise interval must be between 1-255" +syntax: $(@) >= 1 && $(@) <=255; "Advertise interval must be between 1-255" +#comp_help: possible completions +# <1-255> Set advertise interval (default 1) diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def index 72e53f4b..9f624356 100644 --- a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def @@ -1,3 +1,6 @@ type: txt -help: "Authentication type PASS|AH" -syntax: $(@) in "PASS", "pass", "AH", "ah"; "authentication must be PASS or AH" +help: "Authentication type" +syntax: $(@) in "simple", "AH", "ah"; "authentication must be simple or AH" +#comp_help: possible completions: +# simple Set simple password mode +# AH Set IP Authentication Header mode diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/description/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/description/node.def new file mode 100644 index 00000000..d457185a --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/description/node.def @@ -0,0 +1,2 @@ +type: txt +help: "Description for this interface" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def index a9869373..a0b0efa2 100644 --- a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def @@ -1,4 +1,7 @@ type: txt -help: "Preempt (true or false)" +help: "Preempt mode" default: "true" syntax: $(@) in "true", "false"; "preempt must be true or false" +#comp_help: possible completions: +# true (default) +# false diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/priority/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/priority/node.def index 3f7aacbf..413bba15 100644 --- a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/priority/node.def +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/priority/node.def @@ -1,3 +1,5 @@ type: u32 syntax: $(@) >= 0 &&$(@) <= 255; "priority must be between 1-255" help: "Priority" +#comp_help: possible completions: +# <1-255> Set Priority |