VPC : loadbalancer works

core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java

@@ -1571,6 +1571,13 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
             tmpCfgFileContents += config[i];
             tmpCfgFileContents += "\n";
         }
+        String tmpCfgFilePath = "/etc/haproxy/haproxy.cfg.new";
+        String result = callHostPlugin(conn, "vmops", "createFileInDomr", "domrip", routerIp, "filepath", tmpCfgFilePath, "filecontents", tmpCfgFileContents);
+
+        if (result == null || result.isEmpty()) {
+            return new Answer(cmd, false, "LoadBalancerConfigCommand failed to create HA proxy cfg file.");
+        }
+
         String[][] rules = cfgtr.generateFwRules(cmd);
 
         String[] addRules = rules[LoadBalancerConfigurator.ADD];
@@ -1578,7 +1585,6 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
         String[] statRules = rules[LoadBalancerConfigurator.STATS];
 
         String args = "vpc_loadbalancer.sh " + routerIp;
-        args += " -f " + tmpCfgFileContents;
 
         StringBuilder sb = new StringBuilder();
         if (addRules.length > 0) {
@@ -1607,7 +1613,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
             args += " -s " + sb.toString();
         }
 
-        String result = callHostPlugin(conn, "vmops", "routerProxy", "args", args);
+        result = callHostPlugin(conn, "vmops", "routerProxy", "args", args);
 
         if (result == null || result.isEmpty()) {
             return new Answer(cmd, false, "LoadBalancerConfigCommand failed");

patches/systemvm/debian/config/etc/iptables/iptables-vpcrouter

@@ -9,10 +9,9 @@ COMMIT
 :OUTPUT ACCEPT [0:0]
 -A INPUT -d 224.0.0.18/32 -j ACCEPT
 -A INPUT -d 225.0.0.50/32 -j ACCEPT
--A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
 -A INPUT -p icmp -j ACCEPT
 -A INPUT -i lo -j ACCEPT
--A INPUT -i eth0 -p tcp -m state --state NEW --dport 3922 -j ACCEPT
+-A INPUT -i eth0 -p tcp --dport 3922 -j ACCEPT
 -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
 COMMIT
 *mangle

patches/systemvm/debian/config/opt/cloud/bin/vpc_loadbalancer.sh

@@ -32,7 +32,7 @@ usage() {
 fw_remove_backup() {
   sudo iptables -F back_load_balancer 2> /dev/null
   sudo iptables -D INPUT -p tcp  -j back_load_balancer 2> /dev/null
-  sudo iptables -X back_load_balancer_$vif 2> /dev/null
+  sudo iptables -X back_load_balancer 2> /dev/null
   sudo iptables -F back_lb_stats 2> /dev/null
   sudo iptables -D INPUT -p tcp  -j back_lb_stats 2> /dev/null
   sudo iptables -X back_lb_stats 2> /dev/null
@@ -41,7 +41,7 @@ fw_remove_backup() {
 fw_remove() {
   sudo iptables -F load_balancer 2> /dev/null
   sudo iptables -D INPUT -p tcp  -j load_balancer 2> /dev/null
-  sudo iptables -X load_balancer_$vif 2> /dev/null
+  sudo iptables -X load_balancer 2> /dev/null
   sudo iptables -F lb_stats 2> /dev/null
   sudo iptables -D INPUT -p tcp  -j lb_stats 2> /dev/null
   sudo iptables -X lb_stats 2> /dev/null
@@ -83,7 +83,7 @@ fw_entry() {
   local a=$(echo $added | cut -d, -f1- --output-delimiter=" ")
   local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ")
   fw_chain_create
-  success = 0
+  success=0
   while [ 1 ]
   do
     for i in $a
@@ -91,7 +91,7 @@ fw_entry() {
       local pubIp=$(echo $i | cut -d: -f1)
       local dport=$(echo $i | cut -d: -f2)    
       sudo iptables -A load_balancer -p tcp -d $pubIp --dport $dport -j ACCEPT 2>/dev/null
-      success = $?
+      success=$?
       if [ $success -gt 0 ]
       then
         break
@@ -102,12 +102,12 @@ fw_entry() {
       local pubIp=$(echo $stats | cut -d: -f1)
       local dport=$(echo $stats | cut -d: -f2)    
       local cidrs=$(echo $stats | cut -d: -f3 | sed 's/-/,/')
-      sudo iptables -A lb_stats -s $cidrs -p tcp -m state --state NEW -d $pubIp --dport $dport -j ACCEPT 2>/dev/null
-      success = $?
+      sudo iptables -A lb_stats -s $cidrs -p tcp -d $pubIp --dport $dport -j ACCEPT 2>/dev/null
+      success=$?
     fi
     break
   done
-  if [ $success -ge 0 ]
+  if [ $success -gt 0 ]
   then
     fw_restore
   else
@@ -118,7 +118,6 @@ fw_entry() {
 
 #Hot reconfigure HA Proxy in the routing domain
 reconfig_lb() {
-  echo "$cfgContent" > /etc/haproxy/haproxy.cfg.new
   /root/reconfigLB.sh
   return $?
 }
@@ -143,7 +142,7 @@ dflag=
 fflag=
 sflag=
 
-while getopts 'i:a:d:f:s:' OPTION
+while getopts 'i:a:d:s:' OPTION
 do
   case $OPTION in
   i)	iflag=1
@@ -155,9 +154,6 @@ do
   d)	dflag=1
 		removedIps="$OPTARG"
 		;;
-  f)	fflag=1
-		cfgContent="$OPTARG"
-		;;
   s)	sflag=1
 		statsIp="$OPTARG"
 		;;

scripts/vm/hypervisor/xenserver/vmops

@@ -343,6 +343,28 @@ def createFile(session, args):
 
     return txt
 
+
+@echo
+def createFileInDomr(session, args):
+    file_path = args['filepath']
+    file_contents = args['filecontents']
+    domrip = args['domrip']
+    try:
+        tmpfile = util.pread2(['mktemp']).strip()
+        f = open(tmpfile, "w")
+        f.write(file_contents)
+        f.close()
+        target = "root@" + domrip + ":" + file_path
+        util.pread2(['scp','-P','3922','-q','-o','StrictHostKeyChecking=no','-i','/root/.ssh/id_rsa.cloud',tmpfile, target])
+        util.pread2(['rm',tmpfile])
+        txt = 'success'
+    except:
+        util.SMlog(" failed to create HA proxy cfg file ")
+        txt = ''
+
+    return txt
+
+
 @echo
 def deleteFile(session, args):
     file_path = args["filepath"]
@@ -1425,5 +1447,6 @@ if __name__ == "__main__":
                             "get_rule_logs_for_vms":get_rule_logs_for_vms, 
                             "setLinkLocalIP":setLinkLocalIP,
                             "cleanup_rules":cleanup_rules,
+			    "createFileInDomr":createFileInDomr,
                             "bumpUpPriority":bumpUpPriority,
                             "kill_copy_process":kill_copy_process})