Support multiple Virtual IPs on the same subnet

Fixes-bug: #1594722

Change-Id: I825009dbc2cc3a656c6dbd1b89cd34d77bb7ede3
This commit is contained in:
Swann Croiset 2016-06-20 17:10:05 +02:00
parent 874c658ba1
commit a70862ce2b
3 changed files with 61 additions and 3 deletions

View File

@ -85,15 +85,25 @@ class { 'lma_infra_alerting::nagios::vhost':
require => Class['lma_infra_alerting::nagios'], require => Class['lma_infra_alerting::nagios'],
} }
file { 'ocf-ns_apache': $configure_arp_filter_for_vip = '/usr/local/bin/configure_arp_filter_for_vip'
file { $configure_arp_filter_for_vip:
ensure => present, ensure => present,
path => '/usr/lib/ocf/resource.d/fuel/ocf-ns_apache', source => 'puppet:///modules/lma_infra_alerting/configure_arp_filter_for_vip',
source => 'puppet:///modules/lma_infra_alerting/ocf-ns_apache',
mode => '0755', mode => '0755',
owner => 'root', owner => 'root',
group => 'root', group => 'root',
} }
file { 'ocf-ns_apache':
ensure => present,
path => '/usr/lib/ocf/resource.d/fuel/ocf-ns_apache',
source => 'puppet:///modules/lma_infra_alerting/ocf-ns_apache',
mode => '0755',
owner => 'root',
group => 'root',
require => File[$configure_arp_filter_for_vip],
}
file { 'ocf-ns_nagios': file { 'ocf-ns_nagios':
ensure => present, ensure => present,
path => '/usr/lib/ocf/resource.d/fuel/ocf-ns_nagios', path => '/usr/lib/ocf/resource.d/fuel/ocf-ns_nagios',

View File

@ -0,0 +1,47 @@
#!/bin/bash
# Copyright 2016 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# This script configures source-based IP routing and ARP filter to properly
# handle ARP requests when several virtual IP addresses are configured on
# the same subnet.
LAST_TABLE_NUMBER=$(grep -Ev '^#' /etc/iproute2/rt_tables | awk '{print $1}' | grep -Ev '^(255|254|253|0)$' | sort -g | tail -1)
if [[ "$LAST_TABLE_NUMBER" = "" ]]; then
LAST_TABLE_NUMBER=0
fi
for nic_config in $(ls -d /proc/sys/net/ipv4/conf/*infra* 2>/dev/null); do
echo 1 > "${nic_config}/arp_filter"
nic=$(basename $nic_config)
ip_address=$(ip -f inet -o addr show $nic|cut -d\ -f 7|cut -d/ -f 1)
# Create new routing table
LAST_TABLE_NUMBER=$(($LAST_TABLE_NUMBER+1))
if ! grep $nic /etc/iproute2/rt_tables >/dev/null; then
echo "$LAST_TABLE_NUMBER $nic" >> /etc/iproute2/rt_tables
fi
# Get network (eg. 1.2.3.0/24). This assumes the default route is present
net=$(ip route | grep $nic | awk '{print $1}')
# Add route for the routing table
ip route add $net dev $nic src $ip_address table $nic || true
# Add rule for the routing table
if ! $(ip rule list|grep "from $ip_address" >/dev/null); then
ip rule add from $ip_address table $nic
fi
done
exit 0

View File

@ -209,6 +209,7 @@ service_start() {
return "$OCF_SUCCESS" return "$OCF_SUCCESS"
fi fi
ocf_run ${RUN} bash -c "/usr/local/bin/configure_arp_filter_for_vip"
ocf_run ${RUN} bash -c ". /etc/apache2/envvars && ${OCF_RESKEY_binary} -k start" ocf_run ${RUN} bash -c ". /etc/apache2/envvars && ${OCF_RESKEY_binary} -k start"
# Spin waiting for the server to come up # Spin waiting for the server to come up