Revision d2b16e51 hooks/group-modify-post.d/snf-network
b/hooks/group-modify-post.d/snf-network | ||
---|---|---|
2 | 2 |
|
3 | 3 |
source /etc/default/snf-network |
4 | 4 |
|
5 |
GROUP=$GANETI_GROUP_NAME
|
|
5 |
source $CONF
|
|
6 | 6 |
|
7 |
GROUP=$GANETI_GROUP_NAME |
|
7 | 8 |
ACTION=$GANETI_GROUP_NETWORK_ACTION |
8 | 9 |
NETWORK=$GANETI_GROUP_NETWORK_NAME |
9 | 10 |
MODE=$GANETI_GROUP_NETWORK_MODE |
10 | 11 |
LINK=$GANETI_GROUP_NETWORK_LINK |
11 | 12 |
|
12 |
|
|
13 |
|
|
14 |
if [ -z $ACTION ]; then |
|
15 |
exit 0 |
|
16 |
fi |
|
13 |
HOSTNAME=$(hostname) |
|
17 | 14 |
|
18 | 15 |
NETFILE=$SHAREDDIR/networks/$NETWORK |
16 |
GROUPMAPFILE=$SHAREDDIR/mappings/$NETWORK-$GROUP |
|
17 |
NODEMAPFILE=$SHAREDDIR/mappings/$NETWORK-$HOSTNAME |
|
18 |
NODEINFRAFILE=$SHAREDDIR/infra/$HOSTNAME |
|
19 | 19 |
|
20 |
MAPFILE=$SHAREDDIR/mappings/$NETWORK-$GROUP
|
|
20 |
RT_TABLES=/etc/iproute2/rt_tables
|
|
21 | 21 |
|
22 |
function set_rt_table { |
|
23 |
ID=$(sed -n '/^$/ { =; q}' /etc/iproute2/rt_tables) |
|
24 |
if [ -z $ID ]; then |
|
25 |
ID=$(wc -l /etc/iproute2/rt_tables) |
|
26 |
echo $((ID+1)) rt_$NETWORK > /etc/iproute2/rt_tables |
|
27 |
else |
|
28 |
sed -i '1,/^$/ s/^$/'"$ID"' rt_'"$NETWORK"'/' /etc/iproute2/rt_tables |
|
29 |
fi |
|
30 |
} |
|
22 |
source $NODEINFRAFILE |
|
23 |
source $NETFILE |
|
31 | 24 |
|
25 |
if [ -z "$ACTION" ]; then |
|
26 |
exit 0 |
|
27 |
fi |
|
32 | 28 |
|
33 | 29 |
|
34 |
if [ $ACTION == "add" ]; then
|
|
35 |
if [ $MODE == "routed" ]; then
|
|
30 |
if [ "$ACTION" == "add" ]; then
|
|
31 |
if [ "$MODE" == "routed" ]; then
|
|
36 | 32 |
VLAN=$LINK |
37 |
if [ $TYPE == "public" ]; then |
|
33 |
TABLE=rt_$NETWORK |
|
34 |
if [ "$TYPE" == "public" ]; then |
|
38 | 35 |
ARP_IP=$(ipcalc $SUBNET | grep HostMax | awk '{print $2}') |
39 | 36 |
|
40 | 37 |
ip link set $VLAN up |
41 | 38 |
|
42 | 39 |
echo 1 > "/proc/sys/net/ipv4/conf/$VLAN/proxy_arp" |
43 | 40 |
|
44 |
set_rt_table |
|
41 |
ID=$(wc -l < $RT_TABLES) |
|
42 |
echo $((ID+1)) $TABLE >> $RT_TABLES |
|
45 | 43 |
|
46 |
ip rule add iif $VLAN table rt_$NETWORK
|
|
44 |
ip rule add iif $VLAN table $TABLE
|
|
47 | 45 |
|
48 | 46 |
ip route add $SUBNET dev $VLAN table main |
49 | 47 |
|
50 |
ip route add $SUBNET dev $VLAN table rt_$NETWORK
|
|
51 |
ip route add default via $GATEWAY dev $VLAN table rt_$NETWORK
|
|
48 |
ip route add $SUBNET dev $VLAN table $TABLE
|
|
49 |
ip route add default via $GATEWAY dev $VLAN table $TABLE
|
|
52 | 50 |
|
53 | 51 |
echo 1 > /proc/sys/net/ipv4/conf/all/forwarding |
54 | 52 |
|
... | ... | |
58 | 56 |
|
59 | 57 |
|
60 | 58 |
|
61 |
if [ $MODE == "bridged" ]; then
|
|
59 |
if [ "$MODE" == "bridged" ]; then
|
|
62 | 60 |
BRIDGE=$LINK |
63 |
if [ ! -z $GATEWAY ]; then
|
|
64 |
if [ $TYPE == "private" ]; then
|
|
65 |
if [ $(hostname) == $ROUTER ]; then
|
|
61 |
if [ ! -z "$GATEWAY" ]; then
|
|
62 |
if [ "$TYPE" == "private" ]; then
|
|
63 |
if [ "$HOSTNAME" == "$ROUTER" ]; then
|
|
66 | 64 |
NETMASK=$(ipcalc $SUBNET | grep Netmask | awk '{print $4}') |
67 | 65 |
ip addr add $GATEWAY/$NETMASK dev $BRIDGE |
68 | 66 |
iptables -t nat -A POSTROUTING -s $SUBNET \! -d 192.168.0.0/16 -j MASQUERADE |
... | ... | |
71 | 69 |
fi |
72 | 70 |
fi |
73 | 71 |
|
74 |
cat > $MAPFILE <<EOF |
|
75 |
MODE=$MODE |
|
76 |
LINK=$LINK |
|
77 |
EOF |
|
72 |
ln -sf $GROUPMAPFILE $NODEMAPFILE |
|
78 | 73 |
|
79 |
else |
|
74 |
elif [ "$ACTION" == "remove" ]; then |
|
75 |
if [ ! -e "$NODEMAPFILE" ]; then |
|
76 |
exit 0; |
|
77 |
fi |
|
80 | 78 |
|
81 |
source $MAPFILE |
|
79 |
source $NODEMAPFILE
|
|
82 | 80 |
|
83 | 81 |
if [ "$MODE" == "routed" ]; then |
84 | 82 |
VLAN=$LINK |
85 | 83 |
TABLE=rt_$NETWORK |
86 |
if [ $TYPE == "public" ]; then
|
|
84 |
if [ "$TYPE" == "public" ]; then
|
|
87 | 85 |
ARP_IP=$(ipcalc $SUBNET | grep HostMax | awk '{print $2}') |
88 | 86 |
|
89 | 87 |
arptables -D OUTPUT -o $VLAN --opcode request -j mangle --mangle-ip-s $ARP_IP |
... | ... | |
94 | 92 |
ip route del $SUBNET dev $VLAN table main |
95 | 93 |
|
96 | 94 |
ip rule del iif $VLAN table $TABLE |
97 |
sed -i 's/.*'"$TABLE"'$//' /etc/iproute2/rt_tables |
|
95 |
|
|
96 |
sed -i 's/.*'"$TABLE"'$//' $RT_TABLES |
|
98 | 97 |
fi |
99 | 98 |
fi |
100 | 99 |
|
... | ... | |
102 | 101 |
|
103 | 102 |
if [ "$MODE" == "bridged" ]; then |
104 | 103 |
BRIDGE=$LINK |
105 |
if [ ! -z $GATEWAY ]; then
|
|
106 |
if [ $TYPE == "private" ]; then
|
|
107 |
if [ $(hostname) == $ROUTER ]; then
|
|
104 |
if [ ! -z "$GATEWAY" ]; then
|
|
105 |
if [ "$TYPE" == "private" ]; then
|
|
106 |
if [ "$HOSTNAME" == "$ROUTER" ]; then
|
|
108 | 107 |
NETMASK=$(ipcalc $SUBNET | grep Netmask | awk '{print $4}') |
109 | 108 |
ip addr del $GATEWAY/$NETMASK dev $BRIDGE |
110 | 109 |
iptables -t nat -D POSTROUTING -s $SUBNET \! -d 192.168.0.0/16 -j MASQUERADE |
... | ... | |
113 | 112 |
fi |
114 | 113 |
fi |
115 | 114 |
|
116 |
rm $MAPFILE |
|
115 |
rm $NODEMAPFILE
|
|
117 | 116 |
|
118 | 117 |
fi |
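Review bot: The new path variables `NETFILE`, `GROUPMAPFILE`, `NODEMAPFILE` and `NODEINFRAFILE` are built from `$NETWORK`, `$GROUP` and `$HOSTNAME` and then passed unquoted to `source`, `ln -sf` and `rm`, although this commit quotes the same kind of value inside `[ ]`. Because `source` executes the file's content with the hook's privileges, a name containing whitespace, a glob character or `/` would make the hook read, link or delete a path other than the intended one. I would quote every use, for example `source "$NETFILE"` and `rm -- "$NODEMAPFILE"`, and reject any network or group name outside a conservative character set before it is joined onto `$SHAREDDIR`. In addition, `source $NODEINFRAFILE` and `source $NETFILE` now run before the `[ -z "$ACTION" ]` guard, so a group modification without a network action (presumably with an empty `$NETWORK`) tries to source `$SHAREDDIR/networks/`; keeping the guard above the two `source` lines avoids that.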