From 396fa72ee3350becf427dcd4a4341417770d7196 Mon Sep 17 00:00:00 2001 From: anthony Date: Fri, 25 May 2012 14:07:26 -0700 Subject: [PATCH] 1. move control network to eth0 on domr 2. if it is basic mode, use guest NIC as Control NIC --- .../systemvm/debian/config/etc/dnsmasq.conf | 9 ++-- .../config/etc/init.d/cloud-early-config | 39 +++----------- .../config/etc/iptables/iptables-router | 11 +--- .../network/guru/ControlNetworkGuru.java | 19 +------ .../lb/ElasticLoadBalancerManagerImpl.java | 8 +-- .../VirtualNetworkApplianceManagerImpl.java | 51 ++++++++++--------- ...VpcVirtualNetworkApplianceManagerImpl.java | 2 +- wscript | 2 +- 8 files changed, 45 insertions(+), 96 deletions(-) diff --git a/patches/systemvm/debian/config/etc/dnsmasq.conf b/patches/systemvm/debian/config/etc/dnsmasq.conf index 8f999a75cb1..f997004ef78 100644 --- a/patches/systemvm/debian/config/etc/dnsmasq.conf +++ b/patches/systemvm/debian/config/etc/dnsmasq.conf @@ -70,19 +70,18 @@ local=/2.vmops-test.vmops.com/ # specified interfaces (and the loopback) give the name of the # interface (eg eth0) here. # Repeat the line for more than one interface. -interface=eth0 +#interface=eth0 + # Or you can specify which interface _not_ to listen on -except-interface=eth1 -except-interface=eth2 except-interface=lo + # Or which to listen on by address (remember to include 127.0.0.1 if # you use this.) #listen-address= # If you want dnsmasq to provide only DNS service on an interface, # configure it as shown above, and then use the following line to # disable DHCP on it. -no-dhcp-interface=eth1 -no-dhcp-interface=eth2 +#no-dhcp-interface=eth1 # On systems which support it, dnsmasq binds the wildcard address, # even when it is listening on only some interfaces. It then discards diff --git a/patches/systemvm/debian/config/etc/init.d/cloud-early-config b/patches/systemvm/debian/config/etc/init.d/cloud-early-config index 19f87c23e04..b2566ebf04d 100755 
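Review bot: With `interface=eth0` commented out and the `except-interface=eth1`/`eth2` and `no-dhcp-interface` lines dropped, this template no longer confines dnsmasq to one NIC: only `lo` is excluded, so DNS and DHCP are answered on every interface unless `listen-address=` is filled in at boot. That substitution lives in setup_dnsmasq, which this same commit stops calling from setup_router, so on a router dnsmasq may end up answering on the control and public NICs unless another step rewrites the file (not visible here). Keep an explicit scope in the template and document it, e.g. a comment above `#listen-address=` reading `# boot script MUST set listen-address to the guest IP; dnsmasq must not answer on control/public NICs`.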
--- a/patches/systemvm/debian/config/etc/init.d/cloud-early-config +++ b/patches/systemvm/debian/config/etc/init.d/cloud-early-config @@ -376,6 +376,7 @@ setup_dnsmasq() { sed -i s/[#]*dhcp-option=15.*$/dhcp-option=15,\""$DNS_SEARCH_ORDER"\"/ /etc/dnsmasq.conf fi + sed -i -e "s/^dhcp-range=.*$/dhcp-range=$DHCP_RANGE,static/" /etc/dnsmasq.conf sed -i -e "s/^[#]*listen-address=.*$/listen-address=$ETH0_IP/" /etc/dnsmasq.conf @@ -523,8 +524,6 @@ setup_router() { - setup_dnsmasq - NS=$NS1 [ -n "$NS2" ] && NS=$NS1,$NS2 if [ "$USE_EXTERNAL_DNS" == "true" ] @@ -533,12 +532,9 @@ setup_router() { echo "dhcp-option=6,$NS" >> /etc/dnsmasq.conf fi - setup_apache2 $ETH0_IP - sed -i /gateway/d /etc/hosts - echo "$ETH0_IP $NAME" >> /etc/hosts - setup_sshd $ETH1_IP + setup_sshd $ETH0_IP enable_svc dnsmasq 1 enable_svc haproxy 1 @@ -552,7 +548,7 @@ setup_router() { setup_dhcpsrvr() { log_it "Setting up dhcp server system vm" - setup_common eth0 eth1 + setup_common eth0 setup_dnsmasq setup_apache2 $ETH0_IP @@ -580,12 +576,7 @@ setup_dhcpsrvr() { sed -i /gateway/d /etc/hosts echo "$ETH0_IP $NAME" >> /etc/hosts - if [ "$SSHONGUEST" == "true" ] - then - setup_sshd $ETH0_IP - else - setup_sshd $ETH1_IP - fi + setup_sshd $ETH0_IP enable_svc dnsmasq 1 enable_svc haproxy 0 @@ -593,12 +584,7 @@ setup_dhcpsrvr() { enable_svc cloud 0 enable_fwding 0 chkconfig nfs-common off - if [ "$SSHONGUEST" == "true" ] - then - sed '/3922/i -A INPUT -i eth0 -p tcp -m state --state NEW --dport 3922 -j ACCEPT' /etc/iptables/iptables-router > /etc/iptables/rules - else - cp /etc/iptables/iptables-router /etc/iptables/rules - fi + cp /etc/iptables/iptables-router /etc/iptables/rules } setup_storage_network() { 
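Review bot: `setup_sshd $ETH0_IP` in setup_router passes the bind address unquoted and unchecked, and the same call is what setup_dhcpsrvr and setup_elbvm are left with after this commit. If the boot command line carries no eth0 address, the argument disappears; setup_sshd is outside this diff, so confirm it does not fall back to listening on every interface in that case. I would quote it and log the empty case, `[ -n "$ETH0_IP" ] || log_it "no eth0 address, sshd bind address is empty"` followed by `setup_sshd "$ETH0_IP"`. setup_router starts and ends outside these hunks.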
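Review bot: setup_dhcpsrvr now installs `/etc/iptables/iptables-router` unmodified, but this commit also strips that template of the eth0 accepts for udp 67/53 and tcp 80/8080, leaving only the 3922 rule. The INPUT chain policy is not visible in the diff: if it drops by default, the DHCP server VM would stop answering DHCP, DNS and the service that `setup_apache2 $ETH0_IP` still configures; if it accepts by default, the 3922 rule filters nothing. Either way the function should say where the service rules now come from, e.g. `# DHCP/DNS/HTTP accept rules are added later by <component>; the template only opens control SSH`. setup_dhcpsrvr begins outside this hunk.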
@@ -673,17 +659,11 @@ setup_elbvm() { setup_common eth0 eth1 sed -i /gateway/d /etc/hosts public_ip=$ETH2_IP - [ "$ETH2_IP" == "0.0.0.0" ] || [ "$ETH2_IP" == "" ] && public_ip=$ETH0_IP + [ "$ETH2_IP" == "0.0.0.0" ] || [ "$ETH2_IP" == "" ] && public_ip=$ETH1_IP echo "$public_ip $NAME" >> /etc/hosts - if [ "$SSHONGUEST" == "true" ] - then - sed '/3922/s/eth1/eth0/' - setup_sshd $ETH0_IP - else - cp /etc/iptables/iptables-elbvm /etc/iptables/rules - setup_sshd $ETH1_IP - fi + cp /etc/iptables/iptables-elbvm /etc/iptables/rules + setup_sshd $ETH0_IP enable_fwding 0 enable_svc haproxy 0 @@ -820,9 +800,6 @@ for i in $CMDLINE template) TEMPLATE=$VALUE ;; - sshonguest) - SSHONGUEST=$VALUE - ;; name) NAME=$VALUE ;; diff --git a/patches/systemvm/debian/config/etc/iptables/iptables-router b/patches/systemvm/debian/config/etc/iptables/iptables-router index e1972e3a12d..ac40ed41056 100644 --- a/patches/systemvm/debian/config/etc/iptables/iptables-router +++ b/patches/systemvm/debian/config/etc/iptables/iptables-router @@ -14,16 +14,7 @@ COMMIT -A INPUT -i eth2 -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT --A INPUT -i eth0 -p udp -m udp --dport 67 -j ACCEPT --A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT --A INPUT -i eth1 -p tcp -m state --state NEW --dport 3922 -j ACCEPT --A INPUT -i eth0 -p tcp -m state --state NEW --dport 8080 -j ACCEPT --A INPUT -i eth0 -p tcp -m state --state NEW --dport 80 -j ACCEPT --A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT --A FORWARD -i eth0 -o eth2 -j ACCEPT --A FORWARD -i eth2 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT --A FORWARD -i eth0 -o eth0 -m state --state NEW -j ACCEPT --A FORWARD -i eth0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT +-A INPUT -i eth0 -p tcp -m state --state NEW --dport 3922 -j ACCEPT COMMIT *mangle :PREROUTING ACCEPT [0:0] 
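Review bot: setup_elbvm now binds sshd to `$ETH0_IP` but copies `/etc/iptables/iptables-elbvm` unchanged, and that file is not among the eight files in this patch. The removed `sed '/3922/s/eth1/eth0/'` indicates its 3922 rule names eth1, so after this change control SSH on eth0 is probably not matched by the rule while TCP 3922 stays accepted on eth1, which ElasticLoadBalancerManagerImpl now makes the guest NIC. Update iptables-elbvm in the same commit so its rule matches the one in iptables-router, `-A INPUT -i eth0 -p tcp -m state --state NEW --dport 3922 -j ACCEPT`.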
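Review bot: The template's only SSH rule, `-A INPUT -i eth0 -p tcp -m state --state NEW --dport 3922 -j ACCEPT`, has no source match, and per the commit message eth0 is the guest NIC in basic mode, so the control SSH port is reachable from tenant VMs on that network. That was already the case behind the old `sshonguest` flag, but now that the rule is unconditional it is worth narrowing. The boot line already carries `mgmtcidr=` (visible in both manager classes), so cloud-early-config could rewrite the rule for basic zones to `-A INPUT -i eth0 -s <mgmt-cidr> -p tcp -m state --state NEW --dport 3922 -j ACCEPT`, provided that CIDR covers every host that issues control commands.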
diff --git a/server/src/com/cloud/network/guru/ControlNetworkGuru.java b/server/src/com/cloud/network/guru/ControlNetworkGuru.java index 4427be7a064..807bf312eff 100755 --- a/server/src/com/cloud/network/guru/ControlNetworkGuru.java +++ b/server/src/com/cloud/network/guru/ControlNetworkGuru.java @@ -106,14 +106,7 @@ public class ControlNetworkGuru extends PodBasedNetworkGuru implements NetworkGu @Override public NicProfile allocate(Network config, NicProfile nic, VirtualMachineProfile vm) throws InsufficientVirtualNetworkCapcityException, InsufficientAddressCapacityException { - - if(vm.getHypervisorType() == HypervisorType.VMware && vm.getType() != VirtualMachine.Type.DomainRouter) { - NicProfile nicProf = new NicProfile(Nic.ReservationStrategy.Create, null, null, null, null); - String mac = _networkMgr.getNextAvailableMacAddressInNetwork(config.getId()); - nicProf.setMacAddress(mac); - return nicProf; - } - + if (nic != null) { throw new CloudRuntimeException("Does not support nic specification at this time: " + nic); } @@ -137,15 +130,6 @@ public class ControlNetworkGuru extends PodBasedNetworkGuru implements NetworkGu String mac = _networkMgr.getNextAvailableMacAddressInNetwork(config.getId()); nic.setMacAddress(mac); return; - } else { - // in basic mode and in VMware case, control network will be shared with guest network - String mac = _networkMgr.getNextAvailableMacAddressInNetwork(config.getId()); - nic.setMacAddress(mac); - nic.setIp4Address("0.0.0.0"); - nic.setNetmask("0.0.0.0"); - nic.setFormat(AddressFormat.Ip4); - nic.setGateway("0.0.0.0"); - return; } } @@ -158,6 +142,7 @@ public class ControlNetworkGuru extends PodBasedNetworkGuru implements NetworkGu nic.setNetmask("255.255.0.0"); nic.setFormat(AddressFormat.Ip4); nic.setGateway(NetUtils.getLinkLocalGateway()); + nic.setDeviceId(0); } @Override 
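Review bot: `nic.setDeviceId(0)` is applied to every control NIC this guru reserves, while the commit message scopes the move to eth0 to domR. The enclosing method starts outside the hunk, so I cannot see which VM types reach it, but if other system VMs also pass through here their control NIC would be forced to device 0 and could collide with a NIC already assigned there. Either gate it on the VM type (`vm.getType() == VirtualMachine.Type.DomainRouter`, as the removed check in allocate did, if `vm` is in scope) or state the invariant with a comment such as `// control NIC is always eth0; cloud-early-config binds sshd to $ETH0_IP`.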
diff --git a/server/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java b/server/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java index d479f76e012..cf88fcd5b80 100644 --- a/server/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java +++ b/server/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java @@ -498,8 +498,9 @@ public class ElasticLoadBalancerManagerImpl implements List> networks = new ArrayList>(2); NicProfile guestNic = new NicProfile(); guestNic.setDefaultNic(true); - networks.add(new Pair((NetworkVO) guestNetwork, guestNic)); networks.add(new Pair(controlConfig, null)); + networks.add(new Pair((NetworkVO) guestNetwork, guestNic)); + VMTemplateVO template = _templateDao.findSystemVMTemplate(dcId); @@ -851,11 +852,6 @@ public class ElasticLoadBalancerManagerImpl implements // always add management explicit route, for basic networking setup buf.append(" mgmtcidr=").append(_mgmtCidr); buf.append(" localgw=").append(dest.getPod().getGateway()); - - if (dc.getNetworkType() == NetworkType.Basic) { - // ask elb vm to setup SSH on guest network - buf.append(" sshonguest=true"); - } } controlNic = nic; diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java index 9cb6b21fb3c..30165b3c43f 100755 --- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java @@ -1202,7 +1202,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian owner = _accountMgr.getAccount(Account.ACCOUNT_ID_SYSTEM); } - //Check if public network has to be sest on VR + //Check if public network has to be set on VR boolean publicNetwork = false; if (_networkMgr.isProviderSupportServiceInNetwork(guestNetwork.getId(), Service.SourceNat, Provider.VirtualRouter)) { publicNetwork = true; 
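Review bot: The control NIC becomes eth0 here only because `networks.add(new Pair(controlConfig, null))` was moved ahead of the guest entry, and nothing in the code says the order is load-bearing. cloud-early-config binds sshd to `$ETH0_IP` and takes the fallback public address from `$ETH1_IP`, so a later reorder would silently put the control SSH listener on the guest address. Add a comment above the two calls, e.g. `// order matters: control must be NIC 0 (eth0), guest NIC 1; see setup_elbvm in cloud-early-config`. The method containing this hunk starts and ends outside it.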
@@ -1211,7 +1211,12 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian s_logger.error("Didn't support redundant virtual router without public network!"); return null; } - + //Check if control network has to be set on VR + boolean controlNetwork = true; + if ( dest.getDataCenter().getNetworkType() == NetworkType.Basic ) { + // in basic mode, use private network as control network + controlNetwork = false; + } //1) Get deployment plan and find out the list of routers boolean isPodBased = (dest.getDataCenter().getNetworkType() == NetworkType.Basic || @@ -1253,7 +1258,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian int count = routerCount - routers.size(); PublicIp sourceNatIp = _networkMgr.assignSourceNatIpAddressToGuestNetwork(owner, guestNetwork); for (int i = 0; i < count; i++) { - DomainRouterVO router = deployRouter(owner, dest, plan, params, publicNetwork, guestNetwork, isRedundant, + DomainRouterVO router = deployRouter(owner, dest, plan, params, publicNetwork, controlNetwork, guestNetwork, isRedundant, vrProvider, offeringId, sourceNatIp, null); routers.add(router); } @@ -1266,7 +1271,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian } protected DomainRouterVO deployRouter(Account owner, DeployDestination dest, DeploymentPlan plan, Map params, - boolean setupPublicNetwork, Network guestNetwork, boolean isRedundant, + boolean setupPublicNetwork, boolean setupControlNetwork, Network guestNetwork, boolean isRedundant, VirtualRouterProvider vrProvider, long svcOffId, PublicIp sourceNatIp, Long vpcId) throws ConcurrentOperationException, InsufficientAddressCapacityException, InsufficientServerCapacityException, InsufficientCapacityException, StorageUnavailableException, ResourceUnavailableException { 
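Review bot: The added comment says basic mode uses the "private network" as control network, but the commit message and the later `TrafficType.Guest` loop use the guest NIC; the comment should say so, because it means router management traffic shares a network with tenant VMs. The four-line flag can be one expression, `boolean controlNetwork = dest.getDataCenter().getNetworkType() != NetworkType.Basic;`. deployRouter and createRouterNetworks now take two adjacent booleans (`setupPublicNetwork, setupControlNetwork`) and VpcVirtualNetworkApplianceManagerImpl calls with bare `true, true`, so a swapped argument would still compile; annotate the literals at the call sites, e.g. `/* setupPublicNetwork */ true, /* setupControlNetwork */ true`.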
@@ -1275,9 +1280,8 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian if (s_logger.isDebugEnabled()) { s_logger.debug("Creating the router " + id + " in datacenter " + dest.getDataCenter()); } - - //1) Create router networks - List> networks = createRouterNetworks(owner, setupPublicNetwork, guestNetwork, + + List> networks = createRouterNetworks(owner, setupPublicNetwork, setupControlNetwork, guestNetwork, isRedundant, plan, sourceNatIp); @@ -1367,13 +1371,23 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian return router; } - protected List> createRouterNetworks(Account owner, boolean setupPublicNetwork, + protected List> createRouterNetworks(Account owner, boolean setupPublicNetwork, boolean setupControlNetwork, Network guestNetwork, boolean isRedundant, DeploymentPlan plan, PublicIp sourceNatIp) throws ConcurrentOperationException, InsufficientAddressCapacityException { //Form networks List> networks = new ArrayList>(3); - //1) Guest network + + //1) Control network + if (setupControlNetwork) { + s_logger.debug("Adding nic for Virtual Router in Control network "); + List offerings = _networkMgr.getSystemAccountNetworkOfferings(NetworkOfferingVO.SystemControlNetwork); + NetworkOfferingVO controlOffering = offerings.get(0); + NetworkVO controlConfig = _networkMgr.setupNetwork(_systemAcct, controlOffering, plan, null, null, false).get(0); + networks.add(new Pair(controlConfig, null)); + } + + //2) Guest network boolean hasGuestNetwork = false; if (guestNetwork != null) { s_logger.debug("Adding nic for Virtual Router in Guest network " + guestNetwork); @@ -1408,7 +1422,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian hasGuestNetwork = true; } - //2) Public network + //3) Public network if (setupPublicNetwork) { s_logger.debug("Adding nic for Virtual Router in Public network "); //if source nat service is supported by the network, get the source nat ip address 
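Review bot: In the relocated control-network block of createRouterNetworks, `offerings.get(0)` and `setupNetwork(...).get(0)` are dereferenced without checking for an empty list, so a zone without a system control offering fails router deployment with an IndexOutOfBoundsException instead of a clear error. A guard such as `if (offerings.isEmpty()) { throw new CloudRuntimeException("No system control network offering found"); }` would make that failure diagnosable (CloudRuntimeException is the type ControlNetworkGuru already throws; confirm it is imported here). The block should also say why it comes first, e.g. `// control NIC is added first so it is eth0 inside the system VM`. createRouterNetworks ends outside this hunk.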
@@ -1428,13 +1442,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian List publicNetworks = _networkMgr.setupNetwork(_systemAcct, publicOffering, plan, null, null, false); networks.add(new Pair(publicNetworks.get(0), defaultNic)); } - - //3) Control network - List offerings = _networkMgr.getSystemAccountNetworkOfferings(NetworkOfferingVO.SystemControlNetwork); - NetworkOfferingVO controlOffering = offerings.get(0); - NetworkVO controlConfig = _networkMgr.setupNetwork(_systemAcct, controlOffering, plan, null, null, false).get(0); - s_logger.debug("Adding nic for Virtual Router in Control network "); - networks.add(new Pair(controlConfig, null)); + return networks; } @@ -1632,12 +1640,6 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian buf.append(" mgmtcidr=").append(_mgmt_cidr); buf.append(" localgw=").append(dest.getPod().getGateway()); } - - - if (dc.getNetworkType() == NetworkType.Basic) { - // ask domR to setup SSH on guest network - buf.append(" sshonguest=true"); - } } } else if (nic.getTrafficType() == TrafficType.Guest) { dnsProvided = _networkMgr.isProviderSupportServiceInNetwork(nic.getNetworkId(), Service.Dns, Provider.VirtualRouter); @@ -1798,8 +1800,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian NicProfile controlNic = null; - if(profile.getHypervisorType() == HypervisorType.VMware && dcVo.getNetworkType() == NetworkType.Basic) { - // TODO this is a ugly to test hypervisor type here + if( dcVo.getNetworkType() == NetworkType.Basic) { // for basic network mode, we will use the guest NIC for control NIC for (NicProfile nic : profile.getNics()) { if (nic.getTrafficType() == TrafficType.Guest && nic.getIp4Address() != null) { diff --git a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java index df1177d86a8..dc753d10839 100644 
--- a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java @@ -110,7 +110,7 @@ VpcVirtualNetworkApplianceManager{ VirtualRouterProviderType.VirtualRouter); PublicIp sourceNatIp = _networkMgr.assignSourceNatIpAddressToVpc(owner, vpc); - DomainRouterVO router = deployRouter(owner, dest, plan, params, true, null, false, + DomainRouterVO router = deployRouter(owner, dest, plan, params, true, true, null, false, vrProvider, offeringId, sourceNatIp, vpc.getId()); routers.add(router); diff --git a/wscript b/wscript index 80f3d5616b4..6bf54e5221a 100644 --- a/wscript +++ b/wscript @@ -3,7 +3,7 @@ # the following two variables are used by the target "waf dist" # if you change 'em here, you need to change it also in cloud.spec, add a %changelog entry there, and add an entry in debian/changelog -VERSION = '3.0.3.2012-05-31T02:45:25Z' +VERSION = '3.0.3.2012-05-25T20:59:05Z' APPNAME = 'cloud' import shutil,os