Browse Source

Support multiple Virtual IPs on the same subnet

Fixes-bug: #1594722

Change-Id: I825009dbc2cc3a656c6dbd1b89cd34d77bb7ede3
Swann Croiset 2 years ago
parent
commit
a70862ce2b

+ 13
- 3
deployment_scripts/puppet/manifests/nagios.pp View File

@@ -85,15 +85,25 @@ class { 'lma_infra_alerting::nagios::vhost':
85 85
   require                   => Class['lma_infra_alerting::nagios'],
86 86
 }
87 87
 
88
-file { 'ocf-ns_apache':
88
+$configure_arp_filter_for_vip = '/usr/local/bin/configure_arp_filter_for_vip'
89
+file { $configure_arp_filter_for_vip:
89 90
   ensure => present,
90
-  path   => '/usr/lib/ocf/resource.d/fuel/ocf-ns_apache',
91
-  source => 'puppet:///modules/lma_infra_alerting/ocf-ns_apache',
91
+  source => 'puppet:///modules/lma_infra_alerting/configure_arp_filter_for_vip',
92 92
   mode   => '0755',
93 93
   owner  => 'root',
94 94
   group  => 'root',
95 95
 }
96 96
 
97
+file { 'ocf-ns_apache':
98
+  ensure  => present,
99
+  path    => '/usr/lib/ocf/resource.d/fuel/ocf-ns_apache',
100
+  source  => 'puppet:///modules/lma_infra_alerting/ocf-ns_apache',
101
+  mode    => '0755',
102
+  owner   => 'root',
103
+  group   => 'root',
104
+  require => File[$configure_arp_filter_for_vip],
105
+}
106
+
97 107
 file { 'ocf-ns_nagios':
98 108
   ensure => present,
99 109
   path   => '/usr/lib/ocf/resource.d/fuel/ocf-ns_nagios',

+ 47
- 0
deployment_scripts/puppet/modules/lma_infra_alerting/files/configure_arp_filter_for_vip View File

@@ -0,0 +1,47 @@
1
+#!/bin/bash
2
+#    Copyright 2016 Mirantis, Inc.
3
+#
4
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
5
+#    not use this file except in compliance with the License. You may obtain
6
+#    a copy of the License at
7
+#
8
+#         http://www.apache.org/licenses/LICENSE-2.0
9
+#
10
+#    Unless required by applicable law or agreed to in writing, software
11
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13
+#    License for the specific language governing permissions and limitations
14
+#    under the License.
15
+
16
+# This script configures source-based IP routing and ARP filter to properly
17
+# handle ARP requests when several virtual IP addresses are configured on
18
+# the same subnet.
19
+
20
+LAST_TABLE_NUMBER=$(grep -Ev '^#' /etc/iproute2/rt_tables | awk '{print $1}' | grep -Ev '^(255|254|253|0)$' | sort -g | tail -1)
21
+if [[ "$LAST_TABLE_NUMBER" = "" ]]; then
22
+  LAST_TABLE_NUMBER=0
23
+fi
24
+for nic_config in $(ls -d  /proc/sys/net/ipv4/conf/*infra* 2>/dev/null); do
25
+  echo 1 > "${nic_config}/arp_filter"
26
+  nic=$(basename $nic_config)
27
+  ip_address=$(ip -f inet -o addr show $nic|cut -d\  -f 7|cut -d/ -f 1)
28
+
29
+  # Create new routing table
30
+  LAST_TABLE_NUMBER=$(($LAST_TABLE_NUMBER+1))
31
+  if ! grep $nic /etc/iproute2/rt_tables >/dev/null; then
32
+    echo "$LAST_TABLE_NUMBER $nic" >> /etc/iproute2/rt_tables
33
+  fi
34
+
35
+  # Get network (eg. 1.2.3.0/24). This assumes the default route is present
36
+  net=$(ip route | grep $nic | awk '{print $1}')
37
+
38
+  # Add route for the routing table
39
+  ip route add $net dev $nic src $ip_address table $nic || true
40
+
41
+  # Add rule for the routing table
42
+  if ! $(ip rule list|grep "from $ip_address" >/dev/null); then
43
+    ip rule add from $ip_address table $nic
44
+  fi
45
+
46
+done
47
+exit 0

+ 1
- 0
deployment_scripts/puppet/modules/lma_infra_alerting/files/ocf-ns_apache View File

@@ -209,6 +209,7 @@ service_start() {
209 209
         return "$OCF_SUCCESS"
210 210
     fi
211 211
 
212
+    ocf_run ${RUN} bash -c "/usr/local/bin/configure_arp_filter_for_vip"
212 213
     ocf_run ${RUN} bash -c ". /etc/apache2/envvars && ${OCF_RESKEY_binary} -k start"
213 214
 
214 215
     # Spin waiting for the server to come up

Loading…
Cancel
Save