Updated Branches: refs/heads/master 09fa6e5d8 -> e88cc488e
CLOUDSTACK-5779: Move loadbalancer to use routerProxy Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/e88cc488 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/e88cc488 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/e88cc488 Branch: refs/heads/master Commit: e88cc488e5a9011f2c199f906bb0dacdb95685d7 Parents: 09fa6e5 Author: Sheng Yang <[email protected]> Authored: Mon Jan 20 17:34:27 2014 -0800 Committer: Sheng Yang <[email protected]> Committed: Mon Jan 20 18:48:46 2014 -0800 ---------------------------------------------------------------------- .../virtualnetwork/VirtualRoutingResource.java | 118 ++----- .../vmware/resource/VmwareResource.java | 187 +++-------- .../xen/resource/CitrixResourceBase.java | 100 ++---- scripts/network/domr/call_loadbalancer.sh | 101 ------ scripts/vm/hypervisor/xenserver/vmops | 17 +- .../debian/config/opt/cloud/bin/loadbalancer.sh | 320 +++++++++++++++++++ .../patches/debian/config/root/loadbalancer.sh | 320 ------------------- 7 files changed, 419 insertions(+), 744 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java ---------------------------------------------------------------------- diff --git a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java index ff99b92..732d7b4 100755 --- a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java +++ b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java @@ -75,13 +75,10 @@ import org.apache.log4j.Logger; import javax.ejb.Local; import javax.naming.ConfigurationException; import java.io.BufferedReader; -import java.io.BufferedWriter; import java.io.File; -import java.io.FileWriter; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; -import java.io.PrintWriter; import java.net.InetSocketAddress; import java.net.URL; import java.net.URLConnection; @@ -102,7 +99,6 @@ import java.util.Map; public class VirtualRoutingResource implements Manager { private static final Logger s_logger = Logger.getLogger(VirtualRoutingResource.class); private String _publicIpAddress; - private String _loadbPath; private String _publicEthIf; private String _privateEthIf; private String _routerProxyPath; @@ -354,7 +350,20 @@ public class VirtualRoutingResource implements Manager { return new SetStaticNatRulesAnswer(cmd, results, endResult); } - protected Answer VPCLoadBalancerConfig(final LoadBalancerConfigCommand cmd) { + protected boolean createFileInVR(String routerIp, String path, String filename, String content) { + File permKey = new File("/root/.ssh/id_rsa.cloud"); + boolean result = true; + + try { + SshHelper.scpTo(routerIp, 3922, "root", permKey, null, path, content.getBytes(), filename, null); + } catch (Exception e) { + s_logger.warn("Fail to create file " + path + filename + " in VR " + routerIp, e); + result = false; + } + return result; + } + + private Answer execute(LoadBalancerConfigCommand cmd) { String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP); if (routerIp == null) { @@ -368,25 +377,24 @@ public class VirtualRoutingResource implements Manager { tmpCfgFileContents += config[i]; tmpCfgFileContents += "\n"; } - File permKey = new File("/root/.ssh/id_rsa.cloud"); - try { - SshHelper.scpTo(routerIp, 3922, "root", permKey, null, "/etc/haproxy/", tmpCfgFileContents.getBytes(), "haproxy.cfg.new", null); + if (!createFileInVR(routerIp, "/etc/haproxy/", "haproxy.cfg.new", tmpCfgFileContents)) { + return new Answer(cmd, false, "Fail to copy LB config file to VR"); + } + try { String[][] rules = cfgtr.generateFwRules(cmd); String[] addRules = rules[LoadBalancerConfigurator.ADD]; String[] removeRules = rules[LoadBalancerConfigurator.REMOVE]; String[] statRules = rules[LoadBalancerConfigurator.STATS]; - String ip = cmd.getNic().getIp(); - String args = " -i " + ip; + String args = ""; StringBuilder sb = new StringBuilder(); if (addRules.length > 0) { for (int i = 0; i < addRules.length; i++) { sb.append(addRules[i]).append(','); } - args += " -a " + sb.toString(); } @@ -408,7 +416,15 @@ public class VirtualRoutingResource implements Manager { args += " -s " + sb.toString(); } - String result = routerProxy("vpc_loadbalancer.sh", routerIp, args); + String result; + + if (cmd.getVpcId() == null) { + args = " -i " + routerIp + args; + result = routerProxy("loadbalancer.sh", routerIp, args); + } else { + args = " -i " + cmd.getNic().getIp() + args; + result = routerProxy("vpc_loadbalancer.sh", routerIp, args); + } if (result != null) { return new Answer(cmd, false, "LoadBalancerConfigCommand failed"); @@ -420,41 +436,6 @@ public class VirtualRoutingResource implements Manager { } } - private Answer execute(LoadBalancerConfigCommand cmd) { - if (cmd.getVpcId() != null) { - return VPCLoadBalancerConfig(cmd); - } - - String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP); - File tmpCfgFile = null; - try { - String cfgFilePath = ""; - LoadBalancerConfigurator cfgtr = new HAProxyConfigurator(); - String[] config = cfgtr.generateConfiguration(cmd); - String[][] rules = cfgtr.generateFwRules(cmd); - if (routerIp != null) { - tmpCfgFile = File.createTempFile(routerIp.replace('.', '_'), "cfg"); - final PrintWriter out = new PrintWriter(new BufferedWriter(new FileWriter(tmpCfgFile))); - for (int i = 0; i < config.length; i++) { - out.println(config[i]); - } - out.close(); - cfgFilePath = tmpCfgFile.getAbsolutePath(); - } - - final String result = - setLoadBalancerConfig(cfgFilePath, rules[LoadBalancerConfigurator.ADD], rules[LoadBalancerConfigurator.REMOVE], rules[LoadBalancerConfigurator.STATS], - routerIp); - - return new Answer(cmd, result == null, result); - } catch (final IOException e) { - return new Answer(cmd, false, e.getMessage()); - } finally { - if (tmpCfgFile != null) { - tmpCfgFile.delete(); - } - } - } protected Answer execute(VmDataCommand cmd) { String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP); @@ -496,44 +477,6 @@ public class VirtualRoutingResource implements Manager { return new IpAssocAnswer(cmd, results); } - private String setLoadBalancerConfig(final String cfgFile, final String[] addRules, final String[] removeRules, final String[] statsRules, String routerIp) { - - if (routerIp == null) { - routerIp = "none"; - } - - final Script command = new Script(_loadbPath, _timeout, s_logger); - - command.add("-i", routerIp); - command.add("-f", cfgFile); - - StringBuilder sb = new StringBuilder(); - if (addRules.length > 0) { - for (int i = 0; i < addRules.length; i++) { - sb.append(addRules[i]).append(','); - } - command.add("-a", sb.toString()); - } - - sb = new StringBuilder(); - if (removeRules.length > 0) { - for (int i = 0; i < removeRules.length; i++) { - sb.append(removeRules[i]).append(','); - } - command.add("-d", sb.toString()); - } - - sb = new StringBuilder(); - if (statsRules.length > 0) { - for (int i = 0; i < statsRules.length; i++) { - sb.append(statsRules[i]).append(','); - } - command.add("-s", sb.toString()); - } - - return command.execute(); - } - protected Answer execute(final SavePasswordCommand cmd) { final String password = cmd.getPassword(); final String routerPrivateIPAddress = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP); @@ -1104,11 +1047,6 @@ public class VirtualRoutingResource implements Manager { s_logger.warn("Incoming public ip address is overriden. Will always be using the same ip address: " + _publicIpAddress); } - _loadbPath = findScript("call_loadbalancer.sh"); - if (_loadbPath == null) { - throw new ConfigurationException("Unable to find the call_loadbalancer.sh"); - } - _publicEthIf = (String)params.get("public.network.device"); if (_publicEthIf == null) { _publicEthIf = "xenbr1"; http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java ---------------------------------------------------------------------- diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java index 24915a2..566d175 100755 --- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java +++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java @@ -1035,97 +1035,22 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa return new SetStaticNatRulesAnswer(cmd, results, endResult); } - protected Answer VPCLoadBalancerConfig(final LoadBalancerConfigCommand cmd) { + protected boolean createFileInVR(String routerIp, String filePath, String fileName, String content) { VmwareManager mgr = getServiceContext().getStockObject(VmwareManager.CONTEXT_STOCK_NAME); File keyFile = mgr.getSystemVMKeyFile(); - - String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP); - String controlIp = getRouterSshControlIp(cmd); - - assert (controlIp != null); - - LoadBalancerConfigurator cfgtr = new HAProxyConfigurator(); - String[] config = cfgtr.generateConfiguration(cmd); - - String tmpCfgFilePath = "/etc/haproxy/haproxy.cfg.new"; - String tmpCfgFileContents = ""; - for (int i = 0; i < config.length; i++) { - tmpCfgFileContents += config[i]; - tmpCfgFileContents += "\n"; - } + boolean result = true; try { - SshHelper.scpTo(controlIp, DefaultDomRSshPort, "root", keyFile, null, "/etc/haproxy/", tmpCfgFileContents.getBytes(), "haproxy.cfg.new", null); - - try { - String[][] rules = cfgtr.generateFwRules(cmd); - - String[] addRules = rules[LoadBalancerConfigurator.ADD]; - String[] removeRules = rules[LoadBalancerConfigurator.REMOVE]; - String[] statRules = rules[LoadBalancerConfigurator.STATS]; - - String args = ""; - String ip = cmd.getNic().getIp(); - args += " -i " + ip; - StringBuilder sb = new StringBuilder(); - if (addRules.length > 0) { - for (int i = 0; i < addRules.length; i++) { - sb.append(addRules[i]).append(','); - } - - args += " -a " + sb.toString(); - } - - sb = new StringBuilder(); - if (removeRules.length > 0) { - for (int i = 0; i < removeRules.length; i++) { - sb.append(removeRules[i]).append(','); - } - - args += " -d " + sb.toString(); - } - - sb = new StringBuilder(); - if (statRules.length > 0) { - for (int i = 0; i < statRules.length; i++) { - sb.append(statRules[i]).append(','); - } - - args += " -s " + sb.toString(); - } - - // Invoke the command - Pair<Boolean, String> result = - SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/vpc_loadbalancer.sh " + args); - - if (!result.first()) { - String msg = "LoadBalancerConfigCommand on domain router " + routerIp + " failed. message: " + result.second(); - s_logger.error(msg); - - return new Answer(cmd, false, msg); - } - - if (s_logger.isInfoEnabled()) { - s_logger.info("VPCLoadBalancerConfigCommand on domain router " + routerIp + " completed"); - } - } finally { - SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "rm " + tmpCfgFilePath); - } - return new Answer(cmd); - } catch (Throwable e) { - s_logger.error("Unexpected exception: " + e.toString(), e); - return new Answer(cmd, false, "VPCLoadBalancerConfigCommand failed due to " + VmwareHelper.getExceptionMessage(e)); + SshHelper.scpTo(routerIp, 3922, "root", keyFile, null, filePath, content.getBytes(), fileName, null); + } catch (Exception e) { + s_logger.warn("Fail to create file " + filePath + fileName + " in VR " + routerIp, e); + result = false; } + return result; } protected Answer execute(final LoadBalancerConfigCommand cmd) { - - if (cmd.getVpcId() != null) { - return VPCLoadBalancerConfig(cmd); - } - VmwareManager mgr = getServiceContext().getStockObject(VmwareManager.CONTEXT_STOCK_NAME); - File keyFile = mgr.getSystemVMKeyFile(); String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP); String controlIp = getRouterSshControlIp(cmd); @@ -1135,82 +1060,74 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa LoadBalancerConfigurator cfgtr = new HAProxyConfigurator(); String[] config = cfgtr.generateConfiguration(cmd); - String[][] rules = cfgtr.generateFwRules(cmd); - String tmpCfgFilePath = "/tmp/" + routerIp.replace('.', '_') + ".cfg"; String tmpCfgFileContents = ""; + String tmpCfgFileName = "haproxy.cfg.new"; + String tmpCfgFilePath = "/etc/haproxy/"; for (int i = 0; i < config.length; i++) { tmpCfgFileContents += config[i]; tmpCfgFileContents += "\n"; } - try { - SshHelper.scpTo(controlIp, DefaultDomRSshPort, "root", keyFile, null, "/tmp/", tmpCfgFileContents.getBytes(), routerIp.replace('.', '_') + ".cfg", null); + if (!createFileInVR(controlIp, "/etc/haproxy/", "haproxy.cfg.new", tmpCfgFileContents)) { + return new Answer(cmd, false, "Fail to create LB config file in VR"); + } - try { - String[] addRules = rules[LoadBalancerConfigurator.ADD]; - String[] removeRules = rules[LoadBalancerConfigurator.REMOVE]; - String[] statRules = rules[LoadBalancerConfigurator.STATS]; - - String args = ""; - args += "-i " + routerIp; - args += " -f " + tmpCfgFilePath; - - StringBuilder sb = new StringBuilder(); - if (addRules.length > 0) { - for (int i = 0; i < addRules.length; i++) { - sb.append(addRules[i]).append(','); - } + try { - args += " -a " + sb.toString(); - } + String[][] rules = cfgtr.generateFwRules(cmd); - sb = new StringBuilder(); - if (removeRules.length > 0) { - for (int i = 0; i < removeRules.length; i++) { - sb.append(removeRules[i]).append(','); - } + String[] addRules = rules[LoadBalancerConfigurator.ADD]; + String[] removeRules = rules[LoadBalancerConfigurator.REMOVE]; + String[] statRules = rules[LoadBalancerConfigurator.STATS]; - args += " -d " + sb.toString(); + String args = ""; + StringBuilder sb = new StringBuilder(); + if (addRules.length > 0) { + for (int i = 0; i < addRules.length; i++) { + sb.append(addRules[i]).append(','); } - sb = new StringBuilder(); - if (statRules.length > 0) { - for (int i = 0; i < statRules.length; i++) { - sb.append(statRules[i]).append(','); - } + args += " -a " + sb.toString(); + } - args += " -s " + sb.toString(); + sb = new StringBuilder(); + if (removeRules.length > 0) { + for (int i = 0; i < removeRules.length; i++) { + sb.append(removeRules[i]).append(','); } - Pair<Boolean, String> result = - SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "scp " + tmpCfgFilePath + - " /etc/haproxy/haproxy.cfg.new"); - - if (!result.first()) { - s_logger.error("Unable to copy haproxy configuration file"); - return new Answer(cmd, false, "LoadBalancerConfigCommand failed due to uanble to copy haproxy configuration file"); - } + args += " -d " + sb.toString(); + } - if (s_logger.isDebugEnabled()) { - s_logger.debug("Run command on domain router " + routerIp + ", /root/loadbalancer.sh " + args); + sb = new StringBuilder(); + if (statRules.length > 0) { + for (int i = 0; i < statRules.length; i++) { + sb.append(statRules[i]).append(','); } - result = SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "/root/loadbalancer.sh " + args); + args += " -s " + sb.toString(); + } - if (!result.first()) { - String msg = "LoadBalancerConfigCommand on domain router " + routerIp + " failed. message: " + result.second(); - s_logger.error(msg); + Pair<Boolean, String> result; + if (cmd.getVpcId() == null) { + args = " -i " + routerIp + args; + result = SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/loadbalancer.sh " + args); + } else { + args = " -i " + cmd.getNic().getIp() + args; + result = SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/vpc_loadbalancer.sh " + args); + } + // Invoke the command - return new Answer(cmd, false, msg); - } + if (!result.first()) { + String msg = "LoadBalancerConfigCommand on domain router " + routerIp + " failed. message: " + result.second(); + s_logger.error(msg); - if (s_logger.isInfoEnabled()) { - s_logger.info("LoadBalancerConfigCommand on domain router " + routerIp + " completed"); - } - } finally { - SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root", mgr.getSystemVMKeyFile(), null, "rm " + tmpCfgFilePath); + return new Answer(cmd, false, msg); } + if (s_logger.isInfoEnabled()) { + s_logger.info("LoadBalancerConfigCommand on domain router " + routerIp + " completed"); + } return new Answer(cmd); } catch (Throwable e) { s_logger.error("Unexpected exception: " + e.toString(), e); http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java ---------------------------------------------------------------------- diff --git a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java index e7e4ee3..5aed214 100644 --- a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java +++ b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java @@ -2125,71 +2125,6 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe return new SetStaticNatRulesAnswer(cmd, results, endResult); } - protected Answer VPCLoadBalancerConfig(final LoadBalancerConfigCommand cmd) { - Connection conn = getConnection(); - String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP); - - if (routerIp == null) { - return new Answer(cmd); - } - - LoadBalancerConfigurator cfgtr = new HAProxyConfigurator(); - String[] config = cfgtr.generateConfiguration(cmd); - String tmpCfgFileContents = ""; - for (int i = 0; i < config.length; i++) { - tmpCfgFileContents += config[i]; - tmpCfgFileContents += "\n"; - } - String tmpCfgFilePath = "/etc/haproxy/haproxy.cfg.new"; - String result = callHostPlugin(conn, "vmops", "createFileInDomr", "domrip", routerIp, "filepath", tmpCfgFilePath, "filecontents", tmpCfgFileContents); - - if (result == null || result.isEmpty()) { - return new Answer(cmd, false, "LoadBalancerConfigCommand failed to create HA proxy cfg file."); - } - - String[][] rules = cfgtr.generateFwRules(cmd); - - String[] addRules = rules[LoadBalancerConfigurator.ADD]; - String[] removeRules = rules[LoadBalancerConfigurator.REMOVE]; - String[] statRules = rules[LoadBalancerConfigurator.STATS]; - - String ip = cmd.getNic().getIp(); - String args = "-i " + ip; - StringBuilder sb = new StringBuilder(); - if (addRules.length > 0) { - for (int i = 0; i < addRules.length; i++) { - sb.append(addRules[i]).append(','); - } - - args += " -a " + sb.toString(); - } - - sb = new StringBuilder(); - if (removeRules.length > 0) { - for (int i = 0; i < removeRules.length; i++) { - sb.append(removeRules[i]).append(','); - } - - args += " -d " + sb.toString(); - } - - sb = new StringBuilder(); - if (statRules.length > 0) { - for (int i = 0; i < statRules.length; i++) { - sb.append(statRules[i]).append(','); - } - - args += " -s " + sb.toString(); - } - - result = routerProxy("vpc_loadbalancer.sh", cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP), args); - - if (result == null || result.isEmpty()) { - return new Answer(cmd, false, "LoadBalancerConfigCommand failed"); - } - return new Answer(cmd); - } - protected Answer execute(final CreateIpAliasCommand cmd) { String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP); List<IpAliasTO> ipAliasTOs = cmd.getIpAliasList(); @@ -2244,11 +2179,12 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe } - protected Answer execute(final LoadBalancerConfigCommand cmd) { - if (cmd.getVpcId() != null) { - return VPCLoadBalancerConfig(cmd); - } + protected String createFileInVR(String routerIp, String path, String content) { Connection conn = getConnection(); + return callHostPlugin(conn, "vmops", "createFileInDomr", "domrip", routerIp, "filepath", path, "filecontents", content); + } + + protected Answer execute(final LoadBalancerConfigCommand cmd) { String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP); if (routerIp == null) { @@ -2257,29 +2193,26 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe LoadBalancerConfigurator cfgtr = new HAProxyConfigurator(); String[] config = cfgtr.generateConfiguration(cmd); - - String[][] rules = cfgtr.generateFwRules(cmd); - String tmpCfgFilePath = "/tmp/" + routerIp.replace('.', '_') + ".cfg"; String tmpCfgFileContents = ""; for (int i = 0; i < config.length; i++) { tmpCfgFileContents += config[i]; tmpCfgFileContents += "\n"; } - - String result = callHostPlugin(conn, "vmops", "createFile", "filepath", tmpCfgFilePath, "filecontents", tmpCfgFileContents); + String tmpCfgFilePath = "/etc/haproxy/haproxy.cfg.new"; + String result = createFileInVR(routerIp, tmpCfgFilePath, tmpCfgFileContents); if (result == null || result.isEmpty()) { return new Answer(cmd, false, "LoadBalancerConfigCommand failed to create HA proxy cfg file."); } + String[][] rules = cfgtr.generateFwRules(cmd); + String[] addRules = rules[LoadBalancerConfigurator.ADD]; String[] removeRules = rules[LoadBalancerConfigurator.REMOVE]; String[] statRules = rules[LoadBalancerConfigurator.STATS]; - String args = ""; - args += "-i " + routerIp; - args += " -f " + tmpCfgFilePath; - + String ip = cmd.getNic().getIp(); + String args = " -i " + ip; StringBuilder sb = new StringBuilder(); if (addRules.length > 0) { for (int i = 0; i < addRules.length; i++) { @@ -2307,14 +2240,17 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe args += " -s " + sb.toString(); } - result = callHostPlugin(conn, "vmops", "setLoadBalancerRule", "args", args); + if (cmd.getVpcId() == null) { + args = " -i " + routerIp + args; + result = routerProxy("loadbalancer.sh", routerIp, args); + } else { + args = " -i " + cmd.getNic().getIp() + args; + result = routerProxy("vpc_loadbalancer.sh", routerIp, args); + } if (result == null || result.isEmpty()) { return new Answer(cmd, false, "LoadBalancerConfigCommand failed"); } - - callHostPlugin(conn, "vmops", "deleteFile", "filepath", tmpCfgFilePath); - return new Answer(cmd); } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/scripts/network/domr/call_loadbalancer.sh ---------------------------------------------------------------------- diff --git a/scripts/network/domr/call_loadbalancer.sh b/scripts/network/domr/call_loadbalancer.sh deleted file mode 100755 index 070947c..0000000 --- a/scripts/network/domr/call_loadbalancer.sh +++ /dev/null @@ -1,101 +0,0 @@ -#!/usr/bin/env bash -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - - -# $Id: call_loadbalancer.sh 9132 2010-06-04 20:17:43Z manuel $ $HeadURL: svn://svn.lab.vmops.com/repos/branches/2.0.0/java/scripts/vm/hypervisor/xenserver/patch/call_loadbalancer.sh $ -# loadbalancer.sh -- reconfigure loadbalancer rules - -usage() { - printf "Usage: %s: -i <domR eth1 ip> -a <added public ip address> -d <removed> -f <load balancer config> -s <stats guest ip >\n" $(basename $0) >&2 -} - -set -x - -check_gw() { - ping -c 1 -n -q $1 > /dev/null - if [ $? -gt 0 ] - then - sleep 1 - ping -c 1 -n -q $1 > /dev/null - fi - return $?; -} - -copy_haproxy() { - local domRIp=$1 - local cfg=$2 - - scp -P 3922 -q -o StrictHostKeyChecking=no -i $cert $cfg root@$domRIp:/etc/haproxy/haproxy.cfg.new - return $? -} - -iflag= -aflag= -dflag= -fflag= -sflag= - -while getopts 'i:a:d:f:s:' OPTION -do - case $OPTION in - i) iflag=1 - domRIp="$OPTARG" - ;; - a) aflag=1 - addedIps="$OPTARG" - ;; - d) dflag=1 - removedIps="$OPTARG" - ;; - f) fflag=1 - cfgfile="$OPTARG" - ;; - s) sflag=1 - statsIps="$OPTARG" - ;; - ?) usage - exit 2 - ;; - esac -done - -cert="/root/.ssh/id_rsa.cloud" - -if [ "$iflag$fflag" != "11" ] -then - usage - exit 2 -fi - -# Check if DomR is up and running. If it isn't, exit 1. -check_gw "$domRIp" -if [ $? -gt 0 ] -then - exit 1 -fi - -copy_haproxy $domRIp $cfgfile - -if [ $? -gt 0 ] -then - printf "Reconfiguring loadbalancer failed\n" - exit 1 -fi - -ssh -p 3922 -q -o StrictHostKeyChecking=no -i $cert root@$domRIp "/root/loadbalancer.sh $*" -exit $? http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/scripts/vm/hypervisor/xenserver/vmops ---------------------------------------------------------------------- diff --git a/scripts/vm/hypervisor/xenserver/vmops b/scripts/vm/hypervisor/xenserver/vmops index 82d4a9f..96b7866 100755 --- a/scripts/vm/hypervisor/xenserver/vmops +++ b/scripts/vm/hypervisor/xenserver/vmops @@ -239,21 +239,6 @@ def routerProxy(session, args): return txt @echo -def setLoadBalancerRule(session, args): - sargs = args['args'] - cmd = sargs.split(' ') - cmd.insert(0, "/opt/cloud/bin/call_loadbalancer.sh") - cmd.insert(0, "/bin/bash") - try: - txt = util.pread2(cmd) - txt = 'success' - except: - logging.debug(" set loadbalancer rule failed " ) - txt = '' - - return txt - -@echo def createFile(session, args): file_path = args['filepath'] file_contents = args['filecontents'] @@ -1540,7 +1525,7 @@ if __name__ == "__main__": "setIptables": setIptables, "pingdomr": pingdomr, "pingxenserver": pingxenserver, "savePassword": savePassword, "routerProxy": routerProxy, - "setLoadBalancerRule": setLoadBalancerRule, "createFile": createFile, "deleteFile": deleteFile, + "createFile": createFile, "deleteFile": deleteFile, "network_rules":network_rules, "can_bridge_firewall":can_bridge_firewall, "default_network_rules":default_network_rules, "destroy_network_rules_for_vm":destroy_network_rules_for_vm, http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh ---------------------------------------------------------------------- diff --git a/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh b/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh new file mode 100755 index 0000000..2c7f77a --- /dev/null +++ b/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh @@ -0,0 +1,320 @@ +#!/usr/bin/env bash +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + + + +# $Id: loadbalancer.sh 9947 2010-06-25 19:34:24Z manuel $ $HeadURL: svn://svn.lab.vmops.com/repos/vmdev/java/patches/xenserver/root/loadbalancer.sh $ +# loadbalancer.sh -- reconfigure loadbalancer rules +# @VERSION@ + +source /root/func.sh + +lock="biglock" +locked=$(getLockFile $lock) +if [ "$locked" != "1" ] +then + exit 1 +fi + +usage() { + printf "Usage: %s: -i <domR eth1 ip> -a <added public ip address ip:port> -d <removed ip:port> -f <load balancer config> -s <stats ip ip:port:cidr> \n" $(basename $0) >&2 +} + +# set -x + +# ensure that the nic has the public ip we are load balancing on +ip_entry() { + local added=$1 + local removed=$2 + + if [ "$added" == "none" ] + then + added="" + fi + + if [ "$removed" == "none" ] + then + removed="" + fi + + local a=$(echo $added | cut -d, -f1- --output-delimiter=" ") + local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ") + + for i in $a + do + local pubIp=$(echo $i | cut -d: -f1) + logger -t cloud "Adding public ip $pubIp for load balancing" + for vif in $VIF_LIST; do + sudo ip addr add dev $vif $pubIp/32 + #ignore error since it is because the ip is already there + done + done + + for i in $r + do + logger -t cloud "Removing public ips for deleted loadbalancers" + local pubIp=$(echo $i | cut -d: -f1) + logger -t cloud "Removing public ip $pubIp for deleted loadbalancers" + for vif in $VIF_LIST; do + sudo ip addr del $pubIp/32 dev $vif + done + done + + return 0 +} +get_lb_vif_list() { +# add eth0 to the VIF_LIST if it is not there, this allows guest VMs to use the LB service. + local lb_list="$VIF_LIST eth0"; + lb_list=$(echo $lb_list | tr " " "\n" | sort | uniq | tr "\n" " ") + echo $lb_list +} +fw_remove_backup() { + local lb_vif_list=$(get_lb_vif_list) + for vif in $lb_vif_list; do + sudo iptables -F back_load_balancer_$vif 2> /dev/null + sudo iptables -D INPUT -i $vif -p tcp -j back_load_balancer_$vif 2> /dev/null + sudo iptables -X back_load_balancer_$vif 2> /dev/null + done + sudo iptables -F back_lb_stats 2> /dev/null + sudo iptables -D INPUT -p tcp -j back_lb_stats 2> /dev/null + sudo iptables -X back_lb_stats 2> /dev/null +} +fw_restore() { + local lb_vif_list=$(get_lb_vif_list) + for vif in $lb_vif_list; do + sudo iptables -F load_balancer_$vif 2> /dev/null + sudo iptables -D INPUT -i $vif -p tcp -j load_balancer_$vif 2> /dev/null + sudo iptables -X load_balancer_$vif 2> /dev/null + sudo iptables -E back_load_balancer_$vif load_balancer_$vif 2> /dev/null + done + sudo iptables -F lb_stats 2> /dev/null + sudo iptables -D INPUT -p tcp -j lb_stats 2> /dev/null + sudo iptables -X lb_stats 2> /dev/null + sudo iptables -E back_lb_stats lb_stats 2> /dev/null +} +# firewall entry to ensure that haproxy can receive on specified port +fw_entry() { + local added=$1 + local removed=$2 + local stats=$3 + + if [ "$added" == "none" ] + then + added="" + fi + + if [ "$removed" == "none" ] + then + removed="" + fi + + local a=$(echo $added | cut -d, -f1- --output-delimiter=" ") + local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ") + +# back up the iptable rules by renaming before creating new. + local lb_vif_list=$(get_lb_vif_list) + for vif in $lb_vif_list; do + sudo iptables -E load_balancer_$vif back_load_balancer_$vif 2> /dev/null + sudo iptables -N load_balancer_$vif 2> /dev/null + sudo iptables -A INPUT -i $vif -p tcp -j load_balancer_$vif + done + sudo iptables -E lb_stats back_lb_stats 2> /dev/null + sudo iptables -N lb_stats 2> /dev/null + sudo iptables -A INPUT -p tcp -j lb_stats + + for i in $a + do + local pubIp=$(echo $i | cut -d: -f1) + local dport=$(echo $i | cut -d: -f2) + local lb_vif_list=$(get_lb_vif_list) + for vif in $lb_vif_list; do + +#TODO : The below delete will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future. + sudo iptables -D INPUT -i $vif -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null + + sudo iptables -A load_balancer_$vif -p tcp -d $pubIp --dport $dport -j ACCEPT + + if [ $? -gt 0 ] + then + return 1 + fi + done + done + local pubIp=$(echo $stats | cut -d: -f1) + local dport=$(echo $stats | cut -d: -f2) + local cidrs=$(echo $stats | cut -d: -f3 | sed 's/-/,/') + sudo iptables -A lb_stats -s $cidrs -p tcp -m state --state NEW -d $pubIp --dport $dport -j ACCEPT + + +#TODO : The below delete in the for-loop will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future. + for i in $r + do + local pubIp=$(echo $i | cut -d: -f1) + local dport=$(echo $i | cut -d: -f2) + + for vif in $VIF_LIST; do + sudo iptables -D INPUT -i $vif -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null + done + done + + return 0 +} + +#Hot reconfigure HA Proxy in the routing domain +reconfig_lb() { + /root/reconfigLB.sh + return $? +} + +# Restore the HA Proxy to its previous state, and revert iptables rules on DomR +restore_lb() { + logger -t cloud "Restoring HA Proxy to previous state" + # Copy the old version of haproxy.cfg into the file that reconfigLB.sh uses + cp /etc/haproxy/haproxy.cfg.old /etc/haproxy/haproxy.cfg.new + + if [ $? -eq 0 ] + then + # Run reconfigLB.sh again + /root/reconfigLB.sh + fi +} + +get_vif_list() { + local vif_list="" + for i in /sys/class/net/eth*; do + vif=$(basename $i); + if [ "$vif" != "eth0" ] && [ "$vif" != "eth1" ] + then + vif_list="$vif_list $vif"; + fi + done + if [ "$vif_list" == "" ] + then + vif_list="eth0" + fi + + logger -t cloud "Loadbalancer public interfaces = $vif_list" + echo $vif_list +} + +mflag= +iflag= +aflag= +dflag= +fflag= +sflag= + +while getopts 'i:a:d:f:s:' OPTION +do + case $OPTION in + i) iflag=1 + domRIp="$OPTARG" + ;; + a) aflag=1 + addedIps="$OPTARG" + ;; + d) dflag=1 + removedIps="$OPTARG" + ;; + f) fflag=1 + cfgfile="$OPTARG" + ;; + + s) sflag=1 + statsIp="$OPTARG" + ;; + ?) usage + unlock_exit 2 $lock $locked + ;; + esac +done + +if [ "$addedIps" == "" ] +then + addedIps="none" +fi + + +if [ "$removedIps" == "" ] +then + removedIps="none" +fi + +VIF_LIST=$(get_vif_list) + + +if [ "$addedIps" == "" ] +then + addedIps="none" +fi + +if [ "$removedIps" == "" ] +then + removedIps="none" +fi + +#FIXME: make this explicit via check on vm type or passed in flag +if [ "$VIF_LIST" == "eth0" ] +then + ip_entry $addedIps $removedIps +fi + +# hot reconfigure haproxy +reconfig_lb $cfgfile + +if [ $? -gt 0 ] +then + logger -t cloud "Reconfiguring loadbalancer failed" + #FIXME: make this explicit via check on vm type or passed in flag + if [ "$VIF_LIST" == "eth0" ] + then + ip_entry $removedIps $addedIps + fi + unlock_exit 1 $lock $locked +fi + +# iptables entry to ensure that haproxy receives traffic +fw_entry $addedIps $removedIps $statsIp + +if [ $? -gt 0 ] +then + logger -t cloud "Failed to apply firewall rules for load balancing, reverting HA Proxy config" + # Restore the LB + restore_lb + + + logger -t cloud "Reverting firewall config" + # Revert iptables rules on DomR + fw_restore + + #FIXME: make this explicit via check on vm type or passed in flag + if [ "$VIF_LIST" == "eth0" ] + then + logger -t cloud "Reverting ip address changes to eth0" + ip_entry $removedIps $addedIps + fi + + unlock_exit 1 $lock $locked +else + # Remove backedup iptable rules + fw_remove_backup +fi + +unlock_exit 0 $lock $locked + + http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e88cc488/systemvm/patches/debian/config/root/loadbalancer.sh ---------------------------------------------------------------------- diff --git a/systemvm/patches/debian/config/root/loadbalancer.sh b/systemvm/patches/debian/config/root/loadbalancer.sh deleted file mode 100755 index 2c7f77a..0000000 --- a/systemvm/patches/debian/config/root/loadbalancer.sh +++ /dev/null @@ -1,320 +0,0 @@ -#!/usr/bin/env bash -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - - - -# $Id: loadbalancer.sh 9947 2010-06-25 19:34:24Z manuel $ $HeadURL: svn://svn.lab.vmops.com/repos/vmdev/java/patches/xenserver/root/loadbalancer.sh $ -# loadbalancer.sh -- reconfigure loadbalancer rules -# @VERSION@ - -source /root/func.sh - -lock="biglock" -locked=$(getLockFile $lock) -if [ "$locked" != "1" ] -then - exit 1 -fi - -usage() { - printf "Usage: %s: -i <domR eth1 ip> -a <added public ip address ip:port> -d <removed ip:port> -f <load balancer config> -s <stats ip ip:port:cidr> \n" $(basename $0) >&2 -} - -# set -x - -# ensure that the nic has the public ip we are load balancing on -ip_entry() { - local added=$1 - local removed=$2 - - if [ "$added" == "none" ] - then - added="" - fi - - if [ "$removed" == "none" ] - then - removed="" - fi - - local a=$(echo $added | cut -d, -f1- --output-delimiter=" ") - local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ") - - for i in $a - do - local pubIp=$(echo $i | cut -d: -f1) - logger -t cloud "Adding public ip $pubIp for load balancing" - for vif in $VIF_LIST; do - sudo ip addr add dev $vif $pubIp/32 - #ignore error since it is because the ip is already there - done - done - - for i in $r - do - logger -t cloud "Removing public ips for deleted loadbalancers" - local pubIp=$(echo $i | cut -d: -f1) - logger -t cloud "Removing public ip $pubIp for deleted loadbalancers" - for vif in $VIF_LIST; do - sudo ip addr del $pubIp/32 dev $vif - done - done - - return 0 -} -get_lb_vif_list() { -# add eth0 to the VIF_LIST if it is not there, this allows guest VMs to use the LB service. - local lb_list="$VIF_LIST eth0"; - lb_list=$(echo $lb_list | tr " " "\n" | sort | uniq | tr "\n" " ") - echo $lb_list -} -fw_remove_backup() { - local lb_vif_list=$(get_lb_vif_list) - for vif in $lb_vif_list; do - sudo iptables -F back_load_balancer_$vif 2> /dev/null - sudo iptables -D INPUT -i $vif -p tcp -j back_load_balancer_$vif 2> /dev/null - sudo iptables -X back_load_balancer_$vif 2> /dev/null - done - sudo iptables -F back_lb_stats 2> /dev/null - sudo iptables -D INPUT -p tcp -j back_lb_stats 2> /dev/null - sudo iptables -X back_lb_stats 2> /dev/null -} -fw_restore() { - local lb_vif_list=$(get_lb_vif_list) - for vif in $lb_vif_list; do - sudo iptables -F load_balancer_$vif 2> /dev/null - sudo iptables -D INPUT -i $vif -p tcp -j load_balancer_$vif 2> /dev/null - sudo iptables -X load_balancer_$vif 2> /dev/null - sudo iptables -E back_load_balancer_$vif load_balancer_$vif 2> /dev/null - done - sudo iptables -F lb_stats 2> /dev/null - sudo iptables -D INPUT -p tcp -j lb_stats 2> /dev/null - sudo iptables -X lb_stats 2> /dev/null - sudo iptables -E back_lb_stats lb_stats 2> /dev/null -} -# firewall entry to ensure that haproxy can receive on specified port -fw_entry() { - local added=$1 - local removed=$2 - local stats=$3 - - if [ "$added" == "none" ] - then - added="" - fi - - if [ "$removed" == "none" ] - then - removed="" - fi - - local a=$(echo $added | cut -d, -f1- --output-delimiter=" ") - local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ") - -# back up the iptable rules by renaming before creating new. - local lb_vif_list=$(get_lb_vif_list) - for vif in $lb_vif_list; do - sudo iptables -E load_balancer_$vif back_load_balancer_$vif 2> /dev/null - sudo iptables -N load_balancer_$vif 2> /dev/null - sudo iptables -A INPUT -i $vif -p tcp -j load_balancer_$vif - done - sudo iptables -E lb_stats back_lb_stats 2> /dev/null - sudo iptables -N lb_stats 2> /dev/null - sudo iptables -A INPUT -p tcp -j lb_stats - - for i in $a - do - local pubIp=$(echo $i | cut -d: -f1) - local dport=$(echo $i | cut -d: -f2) - local lb_vif_list=$(get_lb_vif_list) - for vif in $lb_vif_list; do - -#TODO : The below delete will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future. - sudo iptables -D INPUT -i $vif -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null - - sudo iptables -A load_balancer_$vif -p tcp -d $pubIp --dport $dport -j ACCEPT - - if [ $? -gt 0 ] - then - return 1 - fi - done - done - local pubIp=$(echo $stats | cut -d: -f1) - local dport=$(echo $stats | cut -d: -f2) - local cidrs=$(echo $stats | cut -d: -f3 | sed 's/-/,/') - sudo iptables -A lb_stats -s $cidrs -p tcp -m state --state NEW -d $pubIp --dport $dport -j ACCEPT - - -#TODO : The below delete in the for-loop will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future. - for i in $r - do - local pubIp=$(echo $i | cut -d: -f1) - local dport=$(echo $i | cut -d: -f2) - - for vif in $VIF_LIST; do - sudo iptables -D INPUT -i $vif -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null - done - done - - return 0 -} - -#Hot reconfigure HA Proxy in the routing domain -reconfig_lb() { - /root/reconfigLB.sh - return $? -} - -# Restore the HA Proxy to its previous state, and revert iptables rules on DomR -restore_lb() { - logger -t cloud "Restoring HA Proxy to previous state" - # Copy the old version of haproxy.cfg into the file that reconfigLB.sh uses - cp /etc/haproxy/haproxy.cfg.old /etc/haproxy/haproxy.cfg.new - - if [ $? -eq 0 ] - then - # Run reconfigLB.sh again - /root/reconfigLB.sh - fi -} - -get_vif_list() { - local vif_list="" - for i in /sys/class/net/eth*; do - vif=$(basename $i); - if [ "$vif" != "eth0" ] && [ "$vif" != "eth1" ] - then - vif_list="$vif_list $vif"; - fi - done - if [ "$vif_list" == "" ] - then - vif_list="eth0" - fi - - logger -t cloud "Loadbalancer public interfaces = $vif_list" - echo $vif_list -} - -mflag= -iflag= -aflag= -dflag= -fflag= -sflag= - -while getopts 'i:a:d:f:s:' OPTION -do - case $OPTION in - i) iflag=1 - domRIp="$OPTARG" - ;; - a) aflag=1 - addedIps="$OPTARG" - ;; - d) dflag=1 - removedIps="$OPTARG" - ;; - f) fflag=1 - cfgfile="$OPTARG" - ;; - - s) sflag=1 - statsIp="$OPTARG" - ;; - ?) usage - unlock_exit 2 $lock $locked - ;; - esac -done - -if [ "$addedIps" == "" ] -then - addedIps="none" -fi - - -if [ "$removedIps" == "" ] -then - removedIps="none" -fi - -VIF_LIST=$(get_vif_list) - - -if [ "$addedIps" == "" ] -then - addedIps="none" -fi - -if [ "$removedIps" == "" ] -then - removedIps="none" -fi - -#FIXME: make this explicit via check on vm type or passed in flag -if [ "$VIF_LIST" == "eth0" ] -then - ip_entry $addedIps $removedIps -fi - -# hot reconfigure haproxy -reconfig_lb $cfgfile - -if [ $? -gt 0 ] -then - logger -t cloud "Reconfiguring loadbalancer failed" - #FIXME: make this explicit via check on vm type or passed in flag - if [ "$VIF_LIST" == "eth0" ] - then - ip_entry $removedIps $addedIps - fi - unlock_exit 1 $lock $locked -fi - -# iptables entry to ensure that haproxy receives traffic -fw_entry $addedIps $removedIps $statsIp - -if [ $? -gt 0 ] -then - logger -t cloud "Failed to apply firewall rules for load balancing, reverting HA Proxy config" - # Restore the LB - restore_lb - - - logger -t cloud "Reverting firewall config" - # Revert iptables rules on DomR - fw_restore - - #FIXME: make this explicit via check on vm type or passed in flag - if [ "$VIF_LIST" == "eth0" ] - then - logger -t cloud "Reverting ip address changes to eth0" - ip_entry $removedIps $addedIps - fi - - unlock_exit 1 $lock $locked -else - # Remove backedup iptable rules - fw_remove_backup -fi - -unlock_exit 0 $lock $locked - -
