From 1802eb010fb9b382dde4d3e1574fd578027c7dc0 Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Tue, 18 Dec 2007 09:53:24 -0800 Subject: - Add support for multiple vrrp groups per interface. - Add support for multiple VIPs per vrrp group. --- scripts/keepalived/VyattaKeepalived.pm | 17 ++- scripts/keepalived/vyatta-keepalived.pl | 121 +++++++++++---------- scripts/keepalived/vyatta-show-vrrp.pl | 21 +++- .../node.tag/vrrp/advertise-interval/node.def | 4 - .../ethernet/node.tag/vrrp/authentication/node.def | 3 - .../node.tag/vrrp/authentication/password/node.def | 2 - .../node.tag/vrrp/authentication/type/node.def | 3 - .../interfaces/ethernet/node.tag/vrrp/node.def | 2 - .../ethernet/node.tag/vrrp/preempt/node.def | 4 - .../ethernet/node.tag/vrrp/priority/node.def | 3 - .../node.tag/vrrp/virtual-address/node.def | 2 - .../ethernet/node.tag/vrrp/vrrp-group/node.def | 4 +- .../node.tag/advertise-interval/node.def | 4 + .../vrrp-group/node.tag/authentication/node.def | 3 + .../node.tag/authentication/password/node.def | 2 + .../node.tag/authentication/type/node.def | 3 + .../node.tag/vrrp/vrrp-group/node.tag/node.def | 1 + .../vrrp/vrrp-group/node.tag/preempt/node.def | 4 + .../vrrp/vrrp-group/node.tag/priority/node.def | 3 + .../vrrp-group/node.tag/virtual-address/node.def | 3 + 20 files changed, 117 insertions(+), 92 deletions(-) delete mode 100644 templates/interfaces/ethernet/node.tag/vrrp/advertise-interval/node.def delete mode 100644 templates/interfaces/ethernet/node.tag/vrrp/authentication/node.def delete mode 100644 templates/interfaces/ethernet/node.tag/vrrp/authentication/password/node.def delete mode 100644 templates/interfaces/ethernet/node.tag/vrrp/authentication/type/node.def delete mode 100644 templates/interfaces/ethernet/node.tag/vrrp/preempt/node.def delete mode 100644 templates/interfaces/ethernet/node.tag/vrrp/priority/node.def delete mode 100644 templates/interfaces/ethernet/node.tag/vrrp/virtual-address/node.def create mode 100644 templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def create mode 100644 templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/node.def create mode 100644 templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/password/node.def create mode 100644 templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def create mode 100644 templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/node.def create mode 100644 templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def create mode 100644 templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/priority/node.def create mode 100644 templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def diff --git a/scripts/keepalived/VyattaKeepalived.pm b/scripts/keepalived/VyattaKeepalived.pm index c2d446e4..e0e84af3 100755 --- a/scripts/keepalived/VyattaKeepalived.pm +++ b/scripts/keepalived/VyattaKeepalived.pm @@ -129,6 +129,17 @@ sub get_state_files { return @state_files; } +sub get_vips_per_intf { + my ($intf) = @_; + + my $config = new VyattaConfig; + my @groups = (); + + $config->setLevel("interfaces ethernet $intf vrrp vrrp-group"); + @groups = $config->listOrigNodes(); + return scalar(@groups); +} + sub vrrp_get_config { my ($intf, $group) = @_; @@ -144,8 +155,8 @@ sub vrrp_get_config { $primary_addr = $1; } - $config->setLevel("interfaces ethernet $intf vrrp"); - my $vip = $config->returnOrigValue("virtual-address"); + $config->setLevel("interfaces ethernet $intf vrrp vrrp-group $group"); + my @vips = $config->returnOrigValues("virtual-address"); my $priority = $config->returnOrigValue("priority"); if (!defined $priority) { $priority = 1; @@ -165,7 +176,7 @@ sub vrrp_get_config { } else { $auth_type = uc($auth_type); } - return ($primary_addr, $vip, $priority, $preempt, $advert_int, $auth_type); + return ($primary_addr, $priority, $preempt, $advert_int, $auth_type, @vips); } sub vrrp_state_parse { diff --git a/scripts/keepalived/vyatta-keepalived.pl b/scripts/keepalived/vyatta-keepalived.pl index 15346855..e9df03df 100755 --- a/scripts/keepalived/vyatta-keepalived.pl +++ b/scripts/keepalived/vyatta-keepalived.pl @@ -38,72 +38,75 @@ use warnings; sub keepalived_get_values { my ($intf) = @_; - my $output; + my $output = ''; my $config = new VyattaConfig; - $config->setLevel("interfaces ethernet $intf vrrp"); - my $group = $config->returnValue("vrrp-group"); - if (!defined $group) { - $group = 1; - } - my $vip = $config->returnValue("virtual-address"); - if (!defined $vip) { - print "must define a virtual-address for vrrp-group $group\n"; - exit 1; - } - my $priority = $config->returnValue("priority"); - if (!defined $priority) { - $priority = 1; - } - my $preempt = $config->returnValue("preempt"); - if (!defined $preempt) { - $preempt = "true"; - } - my $advert_int = $config->returnValue("advertise-interval"); - if (!defined $advert_int) { - $advert_int = 1; - } - $config->setLevel("interfaces ethernet $intf vrrp authentication"); - my $auth_type = $config->returnValue("type"); - my $auth_pass; - if (defined $auth_type) { - $auth_type = uc($auth_type); - $auth_pass = $config->returnValue("password"); - if (! defined $auth_pass) { - print "vrrp authentication password not set"; + my $state_transition_script = VyattaKeepalived::get_state_script(); + + $config->setLevel("interfaces ethernet $intf vrrp vrrp-group"); + my @groups = $config->listNodes(); + foreach my $group (@groups) { + $config->setLevel("interfaces ethernet $intf vrrp vrrp-group $group"); + my @vips = $config->returnValues("virtual-address"); + if (scalar(@vips) == 0) { + print "must define a virtual-address for vrrp-group $group\n"; exit 1; } - } - my $state_transition_script = VyattaKeepalived::get_state_script(); + my $priority = $config->returnValue("priority"); + if (!defined $priority) { + $priority = 1; + } + my $preempt = $config->returnValue("preempt"); + if (!defined $preempt) { + $preempt = "true"; + } + my $advert_int = $config->returnValue("advertise-interval"); + if (!defined $advert_int) { + $advert_int = 1; + } + $config->setLevel("interfaces ethernet $intf vrrp vrrp-group $group authentication"); + my $auth_type = $config->returnValue("type"); + my $auth_pass; + if (defined $auth_type) { + $auth_type = uc($auth_type); + $auth_pass = $config->returnValue("password"); + if (! defined $auth_pass) { + print "vrrp authentication password not set"; + exit 1; + } + } - $output = "vrrp_instance vyatta-$intf-$group \{\n"; - if ($preempt eq "false") { - $output .= "\tstate BACKUP\n"; - } else { - $output .= "\tstate MASTER\n"; + $output .= "vrrp_instance vyatta-$intf-$group \{\n"; + if ($preempt eq "false") { + $output .= "\tstate BACKUP\n"; + } else { + $output .= "\tstate MASTER\n"; } - $output .= "\tinterface $intf\n"; - $output .= "\tvirtual_router_id $group\n"; - $output .= "\tpriority $priority\n"; - if ($preempt eq "false") { - $output .= "\tnopreempt\n"; - } - $output .= "\tadvert_int $advert_int\n"; - if (defined $auth_type) { - $output .= "\tauthentication {\n"; - $output .= "\t\tauth_type $auth_type\n"; - $output .= "\t\tauth_pass $auth_pass\n\t}\n"; + $output .= "\tinterface $intf\n"; + $output .= "\tvirtual_router_id $group\n"; + $output .= "\tpriority $priority\n"; + if ($preempt eq "false") { + $output .= "\tnopreempt\n"; + } + $output .= "\tadvert_int $advert_int\n"; + if (defined $auth_type) { + $output .= "\tauthentication {\n"; + $output .= "\t\tauth_type $auth_type\n"; + $output .= "\t\tauth_pass $auth_pass\n\t}\n"; + } + $output .= "\tvirtual_ipaddress \{\n"; + foreach my $vip (@vips) { + $output .= "\t\t$vip\n"; + } + $output .= "\t\}\n"; + $output .= "\tnotify_master "; + $output .= "\"$state_transition_script master $intf $group @vips\" \n"; + $output .= "\tnotify_backup "; + $output .= "\"$state_transition_script backup $intf $group @vips\" \n"; + $output .= "\t notify_fault "; + $output .= "\"$state_transition_script fault $intf $group @vips\" \n"; + $output .= "\}\n"; } - $output .= "\tvirtual_ipaddress \{\n"; - $output .= "\t\t$vip\n"; - $output .= "\t\}\n"; - $output .= "\tnotify_master "; - $output .= "\"$state_transition_script master $intf $group $vip\" \n"; - $output .= "\tnotify_backup "; - $output .= "\"$state_transition_script backup $intf $group $vip\" \n"; - $output .= "\t notify_fault "; - $output .= "\"$state_transition_script fault $intf $group $vip\" \n"; - $output .= "\}\n"; return $output; } diff --git a/scripts/keepalived/vyatta-show-vrrp.pl b/scripts/keepalived/vyatta-show-vrrp.pl index 6540eaf5..934808f6 100755 --- a/scripts/keepalived/vyatta-show-vrrp.pl +++ b/scripts/keepalived/vyatta-show-vrrp.pl @@ -81,7 +81,7 @@ sub link_updown { } sub get_master_info { - my ($intf, $group, $vip) = @_; + my ($intf, $group) = @_; my $file = VyattaKeepalived::get_master_file($intf, $group); if ( -f $file) { @@ -113,18 +113,27 @@ sub vrrp_show { VyattaKeepalived::vrrp_state_parse($file); my $link = link_updown($intf); if ($state eq "master" || $state eq "backup" || $state eq "fault") { - my ($primary_addr, $vip, $priority, $preempt, $advert_int, $auth_type) = - VyattaKeepalived::vrrp_get_config($intf, $group); + my ($primary_addr, $priority, $preempt, $advert_int, $auth_type, + @vips) = VyattaKeepalived::vrrp_get_config($intf, $group); print "Physical interface: $intf, Address $primary_addr\n"; print " Interface state: $link, Group $group, State: $state\n"; print " Priority: $priority, Advertisement interval: $advert_int, "; print "Authentication type: $auth_type\n"; - print " Preempt: $preempt, VIP count: 1, VIP: $vip\n"; + my $vip_count = scalar(@vips); + my $string = " Preempt: $preempt, VIP count: $vip_count, VIP: "; + my $strlen = length($string); + print $string; + foreach my $vip (@vips) { + if ($vip_count != scalar(@vips)) { + print " " x $strlen; + } + print "$vip\n"; + $vip_count--; + } if ($state eq "master") { print " Master router: $primary_addr\n"; } elsif ($state eq "backup") { - my ($master_rtr, $master_prio) = get_master_info($intf, - $group, $vip); + my ($master_rtr, $master_prio) = get_master_info($intf, $group); print " Master router: $master_rtr, "; print "Master Priority: $master_prio\n"; } diff --git a/templates/interfaces/ethernet/node.tag/vrrp/advertise-interval/node.def b/templates/interfaces/ethernet/node.tag/vrrp/advertise-interval/node.def deleted file mode 100644 index edfbc3a4..00000000 --- a/templates/interfaces/ethernet/node.tag/vrrp/advertise-interval/node.def +++ /dev/null @@ -1,4 +0,0 @@ -type: u32 -default: 1 -help: "Configure advertise interval" -syntax: $(@) > 0 && $(@) <=255; "Advertise interval must be between 1-255" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/authentication/node.def b/templates/interfaces/ethernet/node.tag/vrrp/authentication/node.def deleted file mode 100644 index e3120d51..00000000 --- a/templates/interfaces/ethernet/node.tag/vrrp/authentication/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: "Configure authentication" -commit: $(./type/@) != ""; "You must set a authentication type" -commit: $(./password/@) != ""; "You must set a authentication password" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/authentication/password/node.def b/templates/interfaces/ethernet/node.tag/vrrp/authentication/password/node.def deleted file mode 100644 index 87855962..00000000 --- a/templates/interfaces/ethernet/node.tag/vrrp/authentication/password/node.def +++ /dev/null @@ -1,2 +0,0 @@ -type: txt -help: "Password text" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/authentication/type/node.def b/templates/interfaces/ethernet/node.tag/vrrp/authentication/type/node.def deleted file mode 100644 index 72e53f4b..00000000 --- a/templates/interfaces/ethernet/node.tag/vrrp/authentication/type/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: txt -help: "Authentication type PASS|AH" -syntax: $(@) in "PASS", "pass", "AH", "ah"; "authentication must be PASS or AH" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/node.def b/templates/interfaces/ethernet/node.tag/vrrp/node.def index de3253a5..2c8cc58a 100644 --- a/templates/interfaces/ethernet/node.tag/vrrp/node.def +++ b/templates/interfaces/ethernet/node.tag/vrrp/node.def @@ -1,5 +1,3 @@ help: "Configure VRRP" commit: $(../address/) != ""; "Must define a primary IP address on $(../@)" -commit: $(virtual-address/) != ""; "Must define the virtual-address for vrrp-group $(../vrrp-group/@)" end: "sudo /opt/vyatta/sbin/vyatta-keepalived.pl --vrrp-action update --intf $(../@) " - diff --git a/templates/interfaces/ethernet/node.tag/vrrp/preempt/node.def b/templates/interfaces/ethernet/node.tag/vrrp/preempt/node.def deleted file mode 100644 index a9869373..00000000 --- a/templates/interfaces/ethernet/node.tag/vrrp/preempt/node.def +++ /dev/null @@ -1,4 +0,0 @@ -type: txt -help: "Preempt (true or false)" -default: "true" -syntax: $(@) in "true", "false"; "preempt must be true or false" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/priority/node.def b/templates/interfaces/ethernet/node.tag/vrrp/priority/node.def deleted file mode 100644 index 3f7aacbf..00000000 --- a/templates/interfaces/ethernet/node.tag/vrrp/priority/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: u32 -syntax: $(@) >= 0 &&$(@) <= 255; "priority must be between 1-255" -help: "Priority" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/virtual-address/node.def b/templates/interfaces/ethernet/node.tag/vrrp/virtual-address/node.def deleted file mode 100644 index badf657e..00000000 --- a/templates/interfaces/ethernet/node.tag/vrrp/virtual-address/node.def +++ /dev/null @@ -1,2 +0,0 @@ -type: ipv4 -help: "Configure virtual address" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.def index fe9690d8..d2f231e7 100644 --- a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.def +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.def @@ -1,4 +1,6 @@ +tag: type: u32 syntax: $(@) >= 0 && $(@) <= 255; "VRRP group must be between 1-255" +commit: $(virtual-address/) != ""; "Must define the virtual-address for vrrp-group $(@)" help: "Configure VRRP group number" -delete: "sudo /opt/vyatta/sbin/vyatta-keepalived.pl --vrrp-action delete --intf $(../../@) --group $(@) " +delete: "sudo /opt/vyatta/sbin/vyatta-keepalived.pl --vrrp-action delete --intf $(../../../@) --group $(@) " diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def new file mode 100644 index 00000000..edfbc3a4 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def @@ -0,0 +1,4 @@ +type: u32 +default: 1 +help: "Configure advertise interval" +syntax: $(@) > 0 && $(@) <=255; "Advertise interval must be between 1-255" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/node.def new file mode 100644 index 00000000..e3120d51 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/node.def @@ -0,0 +1,3 @@ +help: "Configure authentication" +commit: $(./type/@) != ""; "You must set a authentication type" +commit: $(./password/@) != ""; "You must set a authentication password" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/password/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/password/node.def new file mode 100644 index 00000000..87855962 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/password/node.def @@ -0,0 +1,2 @@ +type: txt +help: "Password text" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def new file mode 100644 index 00000000..72e53f4b --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def @@ -0,0 +1,3 @@ +type: txt +help: "Authentication type PASS|AH" +syntax: $(@) in "PASS", "pass", "AH", "ah"; "authentication must be PASS or AH" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/node.def new file mode 100644 index 00000000..a4f3c074 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/node.def @@ -0,0 +1 @@ +help: "VRRP configuration for this VRRP group" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def new file mode 100644 index 00000000..a9869373 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def @@ -0,0 +1,4 @@ +type: txt +help: "Preempt (true or false)" +default: "true" +syntax: $(@) in "true", "false"; "preempt must be true or false" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/priority/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/priority/node.def new file mode 100644 index 00000000..3f7aacbf --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/priority/node.def @@ -0,0 +1,3 @@ +type: u32 +syntax: $(@) >= 0 &&$(@) <= 255; "priority must be between 1-255" +help: "Priority" diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def new file mode 100644 index 00000000..bcf9392f --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def @@ -0,0 +1,3 @@ +multi: +type: ipv4 +help: "Configure virtual address" -- cgit v1.2.3