From 49234912119c224bf4c28df5573937668d03e651 Mon Sep 17 00:00:00 2001
From: Viacheslav Hletenko <v.gletenko@vyos.io>
Date: Mon, 2 Jan 2023 18:51:47 +0000
Subject: T4904: keepalived virtual-server allow multiple ports with fwmark

Allow multiple ports for high-availability virtual-server
The current implementation allows balance only one "virtual" address
and port between between several "real servers"
Allow matching "fwmark" to set traffic which should be balanced

Allow to set port 0 (all traffic) if we use "fwmark"
Add health-check script

  set high-availability virtual-server 203.0.113.1 fwmark '111'
  set high-availability virtual-server 203.0.113.1 real-server 192.0.2.11 health-check script '/bin/true'
  set high-availability virtual-server 203.0.113.1 real-server 192.0.2.11 port '0'
---
 data/templates/high-availability/keepalived.conf.j2 | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'data')

diff --git a/data/templates/high-availability/keepalived.conf.j2 b/data/templates/high-availability/keepalived.conf.j2
index 706e1c5ae..ebff52e1f 100644
--- a/data/templates/high-availability/keepalived.conf.j2
+++ b/data/templates/high-availability/keepalived.conf.j2
@@ -126,7 +126,12 @@ vrrp_sync_group {{ name }} {
 {% if virtual_server is vyos_defined %}
 # Virtual-server configuration
 {%     for vserver, vserver_config in virtual_server.items() %}
+# Vserver {{ vserver }}
+{%         if vserver_config.port is vyos_defined %}
 virtual_server {{ vserver }} {{ vserver_config.port }} {
+{%         else %}
+virtual_server fwmark {{ vserver_config.fwmark }} {
+{%         endif %}
     delay_loop {{ vserver_config.delay_loop }}
 {%         if vserver_config.algorithm is vyos_defined('round-robin') %}
     lb_algo rr
@@ -156,9 +161,14 @@ virtual_server {{ vserver }} {{ vserver_config.port }} {
 {%             for rserver, rserver_config in vserver_config.real_server.items() %}
     real_server {{ rserver }} {{ rserver_config.port }} {
         weight 1
+{%                 if rserver_config.health_check.script is vyos_defined %}
+        MISC_CHECK {
+            misc_path {{ rserver_config.health_check.script }}
+{%                 else %}
         {{ vserver_config.protocol | upper }}_CHECK {
-{%                 if rserver_config.connection_timeout is vyos_defined %}
+{%                     if rserver_config.connection_timeout is vyos_defined %}
             connect_timeout {{ rserver_config.connection_timeout }}
+{%                     endif %}
 {%                 endif %}
         }
     }
-- 
cgit v1.2.3