diff --git a/patches/systemvm/debian/config/etc/init.d/cloud-early-config b/patches/systemvm/debian/config/etc/init.d/cloud-early-config index 6ffd648faeb..bdba38dee44 100755 --- a/patches/systemvm/debian/config/etc/init.d/cloud-early-config +++ b/patches/systemvm/debian/config/etc/init.d/cloud-early-config @@ -898,6 +898,29 @@ setup_elbvm() { chkconfig portmap off } +setup_ilbvm() { + log_it "Setting up Internal Load Balancer system vm" + local hyp=$1 + setup_common eth0 eth1 + #eth0 = guest network, eth1=control network + + cp /etc/iptables/iptables-ilbvm /etc/iptables/rules + if [ "$SSHONGUEST" == "true" ] + then + setup_sshd $ETH0_IP "eth0" + else + setup_sshd $ETH1_IP "eth1" + fi + + enable_fwding 0 + enable_svc haproxy 1 + enable_svc dnsmasq 0 + enable_svc cloud-passwd-srvr 0 + enable_svc cloud 0 + chkconfig nfs-common off + chkconfig portmap off +} + setup_default() { cat > /etc/network/interfaces << EOF auto lo @@ -948,6 +971,10 @@ start() { [ "$NAME" == "" ] && NAME=elb setup_elbvm ;; + ilbvm) + [ "$NAME" == "" ] && NAME=ilb + setup_ilbvm + ;; unknown) [ "$NAME" == "" ] && NAME=systemvm setup_default; diff --git a/patches/systemvm/debian/config/etc/iptables/iptables-ilbvm b/patches/systemvm/debian/config/etc/iptables/iptables-ilbvm new file mode 100755 index 00000000000..8d5ca651c75 --- /dev/null +++ b/patches/systemvm/debian/config/etc/iptables/iptables-ilbvm @@ -0,0 +1,33 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +*nat +:PREROUTING ACCEPT [0:0] +:POSTROUTING ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +COMMIT +*filter +:INPUT DROP [0:0] +:FORWARD DROP [0:0] +:OUTPUT ACCEPT [0:0] +-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT +-A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT +-A INPUT -p icmp -j ACCEPT +-A INPUT -i lo -j ACCEPT +-A INPUT -i eth1 -p tcp -m state --state NEW --dport 3922 -j ACCEPT +COMMIT + diff --git a/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh b/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh index 8816ad7c068..9cb02502ef1 100755 --- a/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh +++ b/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh @@ -135,6 +135,19 @@ elbvm_svcs() { echo "cloud dnsmasq cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs } + +ilbvm_svcs() { + chkconfig cloud off + chkconfig haproxy on ; + chkconfig ssh on + chkconfig nfs-common off + chkconfig portmap off + chkconfig keepalived off + chkconfig conntrackd off + echo "ssh haproxy" > /var/cache/cloud/enabled_svcs + echo "cloud dnsmasq cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs +} + enable_pcihotplug() { sed -i -e "/acpiphp/d" /etc/modules sed -i -e "/pci_hotplug/d" /etc/modules @@ -253,4 +266,14 @@ then fi fi +if [ "$TYPE" == "ilbvm" ] +then + ilbvm_svcs + if [ $? -gt 0 ] + then + printf "Failed to execute ilbvm svcs\n" >$logfile + exit 9 + fi +fi + exit $? diff --git a/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java b/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java index f3736217d16..34fab30b624 100644 --- a/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java +++ b/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java @@ -236,7 +236,7 @@ InternalLoadBalancerVMManager, VirtualMachineGuru { } //FIXME - fix the type once earlyconfig and patchsystem vm scripts are fixed - String type = "elbvm"; + String type = "ilbvm"; buf.append(" type=" + type); //FIXME - change it to DEBUG level later.