Re: [gentoo-dev] parser/generator for /etc/conf.d/net*
On Mon, 30 Jun 2014 12:46:38 -0700 C.J. Adams-Collier KF7BMP wrote:
> Hello folks,
>
> I've got a project on my plate to automate and reduce the human error in
> adding new VLANs, subnets, addresses, etc. to our production firewall
> fleet. Today, we manually make modifications to the following on both
> members of the VRRP pair:
>
> * /etc/conf.d/net.ext
> * /etc/conf.d/net.int
> * /etc/keepalived/keepalived.conf
> * quagga OSPF running-config
>
> This leaves a lot of room for error. And occasionally, we let a thing or
> two slip by us. This causes us enough headache to put some time and
> energy into improving the process.
>
> Which brings me to the question, does there exist a parser/generator for
> the /etc/conf.d/net.* files? If not, would Gentoo like me to contribute
> my work on the generator, and would one of you point me to the parser?

If you're interested, we have developed a network init tool for mass
control of vlans, bridges and so on. It is used on hosts with hundreds of
production containers, where the usual net.iface approach is too slow and
cumbersome.

It is based on plain ip (from iproute2) and called ipw (ip wrapper);
bridges are managed via the /sys/ interface, so there are very few
dependencies:
https://gitlab.ut.mephi.ru/ut/ipw/tree/master

It looks like tuning it for your needs should be simple.

Best regards,
Andrew Savchenko
Re: [gentoo-dev] parser/generator for /etc/conf.d/net*
On Mon, Jun 30, 2014 at 12:46:38PM -0700, C.J. Adams-Collier KF7BMP wrote:
> Which brings me to the question, does there exist a parser/generator for
> the /etc/conf.d/net.* files? If not, would Gentoo like me to contribute
> my work on the generator, and would one of you point me to the parser?

The files in /etc/conf.d are just posix shell code; they are sourced in
/lib*/rc/runscript.sh. The actions taken depend on the service script that
reads the files.

I'll let the netifrc maintainers speak up wrt whether they would be
interested in a generator for /etc/conf.d/net.*.

Thanks,
William
Re: [gentoo-dev] parser/generator for /etc/conf.d/net*
On Mon, Jun 30, 2014 at 03:11:57PM -0500, William Hubbs wrote:
> On Mon, Jun 30, 2014 at 12:46:38PM -0700, C.J. Adams-Collier KF7BMP wrote:
> > Which brings me to the question, does there exist a parser/generator for
> > the /etc/conf.d/net.* files? If not, would Gentoo like me to contribute
> > my work on the generator, and would one of you point me to the parser?
>
> The files in /etc/conf.d are just posix shell code; they are sourced in
> /lib*/rc/runscript.sh. The actions taken depend on the service script that
> reads the files.
>
> I'll let the netifrc maintainers speak up wrt whether they would be
> interested in a generator for /etc/conf.d/net.*.

I'm certainly interested in a generator for the simple versions, but it's
going to remain shell code, because there are some really complex configs
out there, that sanely use variables to abstract reduce complexity.

As such, a parser should probably just source it, and be prepared to say
'this is too complex, do it yourself'.

--
Robin Hugh Johnson
Gentoo Linux: Developer, Infrastructure Lead
E-Mail   : robb...@gentoo.org
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85
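Added example, not code from this thread or from netifrc: because the files are shell code that gets sourced, a tool that reads them by sourcing also executes whatever they contain. The sketch below swaps sourcing for a static check that accepts only literal assignments and otherwise reports "too complex"; `parse_simple_confd`, `TooComplex`, the accepted grammar and both sample files are assumptions constructed for illustration.

```python
import re

class TooComplex(Exception):
    """The file uses shell features beyond literal assignments."""

# One item: blank line, comment, or NAME=<literal value> (assumed grammar).
_ITEM = re.compile(r'''
    [ \t]*(?:
        \#[^\n]*                               # full-line comment
      | (?P<name>[A-Za-z_][A-Za-z0-9_]*)=
        (?: "(?P<dq>[^"$`\\]*)"                # double quotes, nothing to expand
          | '(?P<sq>[^']*)'                    # single quotes are always literal
          | (?P<bare>[A-Za-z0-9_./:,@%+-]*) )  # bare word, no glob or tilde
        (?:[ \t]+\#[^\n]*)?                    # optional trailing comment
    )?[ \t]*(?:\n|\Z)
''', re.X)

def parse_simple_confd(text):
    """Return {name: value} without executing anything, or raise TooComplex."""
    settings, pos = {}, 0
    while pos < len(text):
        m = _ITEM.match(text, pos)
        if m is None:
            line = text.count("\n", 0, pos) + 1
            raise TooComplex(f"line {line}: too complex, do it yourself")
        if m.group("name"):
            literals = (m.group("dq"), m.group("sq"), m.group("bare"))
            settings[m.group("name")] = next(v for v in literals if v is not None)
        pos = m.end()
    return settings

# Constructed sample: literal values only, including a multi-line address list.
SIMPLE = '''# constructed sample, not from the thread
config_eth0="192.0.2.10/24
192.0.2.11/24"
routes_eth0="default via 192.0.2.1"   # uplink
vlans_eth0='100 200'
mtu_eth0=1500
'''

# Constructed sample: uses a variable, so its meaning depends on the shell.
COMPLEX = 'base=192.0.2\nconfig_eth0="${base}.10/24"\n'

if __name__ == "__main__":
    print(parse_simple_confd(SIMPLE))
    try:
        parse_simple_confd(COMPLEX)
    except TooComplex as exc:
        print("refused:", exc)
```
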
Re: [gentoo-dev] parser/generator for /etc/conf.d/net*
On Mon, 2014-06-30 at 22:09 +, Robin H. Johnson wrote:
> On Mon, Jun 30, 2014 at 03:11:57PM -0500, William Hubbs wrote:
> > On Mon, Jun 30, 2014 at 12:46:38PM -0700, C.J. Adams-Collier KF7BMP wrote:
> > > Which brings me to the question, does there exist a parser/generator for
> > > the /etc/conf.d/net.* files? If not, would Gentoo like me to contribute
> > > my work on the generator, and would one of you point me to the parser?
> >
> > The files in /etc/conf.d are just posix shell code; they are sourced in
> > /lib*/rc/runscript.sh. The actions taken depend on the service script that
> > reads the files.
> >
> > I'll let the netifrc maintainers speak up wrt whether they would be
> > interested in a generator for /etc/conf.d/net.*.
>
> I'm certainly interested in a generator for the simple versions, but it's
> going to remain shell code, because there are some really complex configs
> out there, that sanely use variables to abstract reduce complexity.
>
> As such, a parser should probably just source it, and be prepared to say
> 'this is too complex, do it yourself'.

Thanks Robin. I'll keep that in mind as I work on this. Good to know
there's interest in the work. I've got a basic package started and have
most of the functionality stubbed out. Next step is to write some tests.
Re: [gentoo-dev] parser/generator for /etc/conf.d/net*
On Mon, Jun 30, 2014 at 3:46 PM, C.J. Adams-Collier KF7BMP c...@colliertech.org wrote:
> I've got a project on my plate to automate and reduce the human error in
> adding new VLANs, subnets, addresses, etc. to our production firewall
> fleet. Today, we manually make modifications to the following on both
> members of the VRRP pair:

It sounds like the default init script isn't great for you. Rather than
write a generator for a static configuration file that is consumed by a
script, would it make more sense to modify the /etc/init.d script to
compute whatever you need on the fly? I would think that would make
deployment more flexible and (depending on what you're trying to do)
perhaps eliminate the need for a manual configuration step.

I did that once for a Gentoo VM that needed to figure out a working
network configuration under a variety of hypervisors (the thing being
distributed to customers was the VM, and final setup was web-based, so it
had to work no matter what).

-Tim