mirror of https://github.com/OpenNebula/one.git synced 2024-12-22 13:33:52 +03:00

L #-: Floating IPs start script (#4414)

Signed-off-by: Ricardo Diaz <rdiaz@opennebula.systems>
Ricardo Diaz 2020-03-24 19:40:24 +01:00 committed by GitHub
parent 1933d5c9bc
commit e01949c57d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -44,7 +44,7 @@ roles.each do |role|
role['nodes'].each do |node|
nics = node['vm_info']['VM']['TEMPLATE']['NIC']
node['vm_info']['VM']['TEMPLATE']['NIC_ALIAS'].each do |nic_alias|
nic = nics.detect { |nic| nic['NAME'] == nic_alias['PARENT'] }
nic = nics.detect {|n| n['NAME'] == nic_alias['PARENT'] }
sdnats << { 'NIC' => nic['IP'], 'NIC_ALIAS' => nic_alias['IP'] }
end
end
@ -52,29 +52,41 @@ end
log.debug "IPs: #{sdnats}"
rules = ""
rules = ''
begin
f = Tempfile.new
f << `#{IPTABLES_NAT_PREFIX} -S #{CHAIN_VROUTER_DNAT} >/dev/null 2>&1 || echo "-N #{CHAIN_VROUTER_DNAT}"`
f << `#{IPTABLES_NAT_PREFIX} -S #{CHAIN_VROUTER_SNAT} >/dev/null 2>&1 || echo "-N #{CHAIN_VROUTER_SNAT}"`
f << `#{IPTABLES_NAT_PREFIX} -C PREROUTING -j #{CHAIN_VROUTER_DNAT} 2>/dev/null || echo "-A PREROUTING -j #{CHAIN_VROUTER_DNAT}"`
f << `#{IPTABLES_NAT_PREFIX} -C POSTROUTING -j #{CHAIN_VROUTER_SNAT} 2>/dev/null || echo "-A POSTROUTING -j #{CHAIN_VROUTER_SNAT}"`
f << `iptables -tnat -S #{CHAIN_VROUTER_DNAT} >/dev/null 2>&1 ||\
echo "-N #{CHAIN_VROUTER_DNAT}"`
f << `iptables -tnat -S #{CHAIN_VROUTER_SNAT} >/dev/null 2>&1 ||\
echo "-N #{CHAIN_VROUTER_SNAT}"`
f << `iptables -tnat -C PREROUTING -j #{CHAIN_VROUTER_DNAT} 2>/dev/null ||\
echo "-A PREROUTING -j #{CHAIN_VROUTER_DNAT}"`
f << `iptables -tnat -C POSTROUTING -j #{CHAIN_VROUTER_SNAT} 2>/dev/null ||\
echo "-A POSTROUTING -j #{CHAIN_VROUTER_SNAT}"`
f << `iptables -t nat -S #{CHAIN_VROUTER_DNAT} 2>/dev/null \| sed -n 's/-A\\(.*\\)/-D\\1/p'`
f << `iptables -t nat -S #{CHAIN_VROUTER_SNAT} 2>/dev/null \| sed -n 's/-A\\(.*\\)/-D\\1/p'`
f << `iptables -t nat -S #{CHAIN_VROUTER_DNAT} 2>/dev/null |\
sed -n 's/-A\\(.*\\)/-D\\1/p'`
f << `iptables -t nat -S #{CHAIN_VROUTER_SNAT} 2>/dev/null |\
sed -n 's/-A\\(.*\\)/-D\\1/p'`
f.close
sdnats.each do |nat|
`#{IPTABLES_NAT_PREFIX} -C #{CHAIN_VROUTER_DNAT} -d #{nat['NIC_ALIAS']} -j DNAT --to-destination #{nat['NIC']} 2>/dev/null &&\
sed -i '/.*#{CHAIN_VROUTER_DNAT} -d #{nat['NIC_ALIAS']}\\/32 -j DNAT --to-destination #{nat['NIC']}/d' #{f.path} ||\
echo '-A #{CHAIN_VROUTER_DNAT} -d #{nat['NIC_ALIAS']} -j DNAT --to-destination #{nat['NIC']}' >> #{f.path}`
`iptables -tnat -C #{CHAIN_VROUTER_DNAT} -d #{nat['NIC_ALIAS']} -j DNAT\
--to-destination #{nat['NIC']} 2>/dev/null &&\
sed -i '/.*#{CHAIN_VROUTER_DNAT} -d #{nat['NIC_ALIAS']}\\/32 -j DNAT \
--to-destination #{nat['NIC']}/d' #{f.path} ||\
echo '-A #{CHAIN_VROUTER_DNAT} -d #{nat['NIC_ALIAS']} -j DNAT \
--to-destination #{nat['NIC']}' >> #{f.path}`
`#{IPTABLES_NAT_PREFIX} -C #{CHAIN_VROUTER_SNAT} -s #{nat['NIC']} -j SNAT --to-source #{nat['NIC_ALIAS']} 2>/dev/null &&\
sed -i '/.*#{CHAIN_VROUTER_SNAT} -s #{nat['NIC']}\\/32 -j SNAT --to-source #{nat['NIC_ALIAS']}/d' #{f.path}||\
echo '-A #{CHAIN_VROUTER_SNAT} -s #{nat['NIC']} -j SNAT --to-source #{nat['NIC_ALIAS']}' >> #{f.path}`
`iptables -tnat -C #{CHAIN_VROUTER_SNAT} -s #{nat['NIC']} -j SNAT \
--to-source #{nat['NIC_ALIAS']} 2>/dev/null &&\
sed -i '/.*#{CHAIN_VROUTER_SNAT} -s #{nat['NIC']}\\/32 -j SNAT \
--to-source #{nat['NIC_ALIAS']}/d' #{f.path}||\
echo '-A #{CHAIN_VROUTER_SNAT} -s #{nat['NIC']} -j SNAT \
--to-source #{nat['NIC_ALIAS']}' >> #{f.path}`
end
rules << `cat #{f.path}`
@ -85,7 +97,7 @@ end
log.debug "Rules: #{rules}"
rules.each_line do |rule|
`#{IPTABLES_NAT_PREFIX} #{rule}`
`iptables -tnat #{rule}`
end
log.debug "iptables-save: #{`iptables-save`}"
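Review bot: In the `sdnats.each` loop, `nat['NIC']` and `nat['NIC_ALIAS']` are taken from `node['vm_info']['VM']['TEMPLATE']` and interpolated unchecked into backtick commands and a sed pattern, so any value that is not a plain IPv4 address is interpreted by the shell; the same holds for `iptables -tnat #{rule}` in the last hunk, where every line read back from the temp file is run through the shell. I would validate both addresses where `sdnats` is filled, e.g. `raise "invalid IP: #{ip}" unless ip.match?(/\A\d{1,3}(\.\d{1,3}){3}\z/)`, and invoke iptables with an argument list such as `system('iptables', '-t', 'nat', *rule.split)` rather than a shell string. Separately, the new backslash continuations fall inside the single-quoted sed pattern and echo text, and `-j DNAT\` has no space before the backslash; depending on the indentation of the continued lines (not visible in this rendering) the pattern may gain or lose spaces and stop matching the `iptables -S` output, which is worth checking. The `begin` block opened in the second hunk closes outside the visible lines.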