parallelvirtualcluster
/
pvc
1
0
Fork 0
Code Issues 11 Pull Requests Projects Releases 109 Wiki Activity

Fix up the remaining DHCPv6 setup

This commit is contained in:
Joshua Boniface 2018-11-18 00:55:04 -05:00
parent 4c1e1b4622
commit b1d0b6e62f
3 changed files with 76 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
client-common/network.py
View File

@ -101,14 +101,14 @@ def getNetworkDescription(zk_conn, network):
return net_description return net_description
def getNetworkDHCPLeases(zk_conn, vni): def getNetworkDHCPLeases(zk_conn, vni):
# Get a list of DHCP leases by listing the children of /networks/<vni>/dhcp_leases # Get a list of DHCP leases by listing the children of /networks/<vni>/dhcp4_leases
dhcp_leases = zkhandler.listchildren(zk_conn, '/networks/{}/dhcp_leases'.format(vni)) dhcp4_leases = zkhandler.listchildren(zk_conn, '/networks/{}/dhcp4_leases'.format(vni))
return sorted(dhcp_leases) return sorted(dhcp4_leases)
def getNetworkDHCPReservations(zk_conn, vni): def getNetworkDHCPReservations(zk_conn, vni):
# Get a list of DHCP reservations by listing the children of /networks/<vni>/dhcp_reservations # Get a list of DHCP reservations by listing the children of /networks/<vni>/dhcp4_reservations
dhcp_reservations = zkhandler.listchildren(zk_conn, '/networks/{}/dhcp_reservations'.format(vni)) dhcp4_reservations = zkhandler.listchildren(zk_conn, '/networks/{}/dhcp4_reservations'.format(vni))
return sorted(dhcp_reservations) return sorted(dhcp4_reservations)
def getNetworkACLs(zk_conn, vni, _direction): def getNetworkACLs(zk_conn, vni, _direction):
# Get the (sorted) list of active ACLs # Get the (sorted) list of active ACLs
@ -144,17 +144,17 @@ def getNetworkInformation(zk_conn, vni):
return description, domain, ip6_network, ip6_gateway, dhcp6_flag, ip4_network, ip4_gateway, dhcp4_flag, dhcp4_start, dhcp4_end return description, domain, ip6_network, ip6_gateway, dhcp6_flag, ip4_network, ip4_gateway, dhcp4_flag, dhcp4_start, dhcp4_end
def getDHCPLeaseInformation(zk_conn, vni, mac_address): def getDHCPLeaseInformation(zk_conn, vni, mac_address):
hostname = zkhandler.readdata(zk_conn, '/networks/{}/dhcp_leases/{}/hostname'.format(vni, mac_address)) hostname = zkhandler.readdata(zk_conn, '/networks/{}/dhcp4_leases/{}/hostname'.format(vni, mac_address))
ip4_address = zkhandler.readdata(zk_conn, '/networks/{}/dhcp_leases/{}/ipaddr'.format(vni, mac_address)) ip4_address = zkhandler.readdata(zk_conn, '/networks/{}/dhcp4_leases/{}/ipaddr'.format(vni, mac_address))
try: try:
timestamp = zkhandler.readdata(zk_conn, '/networks/{}/dhcp_leases/{}/expiry'.format(vni, mac_address)) timestamp = zkhandler.readdata(zk_conn, '/networks/{}/dhcp4_leases/{}/expiry'.format(vni, mac_address))
except: except:
timestamp = 'static' timestamp = 'static'
return hostname, ip4_address, mac_address, timestamp return hostname, ip4_address, mac_address, timestamp
def getDHCPReservationInformation(zk_conn, vni, mac_address): def getDHCPReservationInformation(zk_conn, vni, mac_address):
hostname = zkhandler.readdata(zk_conn, '/networks/{}/dhcp_reservations/{}/hostname'.format(vni, mac_address)) hostname = zkhandler.readdata(zk_conn, '/networks/{}/dhcp4_reservations/{}/hostname'.format(vni, mac_address))
ip4_address = zkhandler.readdata(zk_conn, '/networks/{}/dhcp_reservations/{}/ipaddr'.format(vni, mac_address)) ip4_address = zkhandler.readdata(zk_conn, '/networks/{}/dhcp4_reservations/{}/ipaddr'.format(vni, mac_address))
timestamp = 'static' timestamp = 'static'
return hostname, ip4_address, mac_address, timestamp return hostname, ip4_address, mac_address, timestamp
@ -360,7 +360,7 @@ def formatNetworkList(zk_conn, net_list):
output_string = net_list_output_header + '\n' + '\n'.join(sorted(net_list_output)) output_string = net_list_output_header + '\n' + '\n'.join(sorted(net_list_output))
return output_string return output_string
def formatDHCPLeaseList(zk_conn, vni, dhcp_leases_list, reservations=False): def formatDHCPLeaseList(zk_conn, vni, dhcp4_leases_list, reservations=False):
dhcp_lease_list_output = [] dhcp_lease_list_output = []
hostname = dict() hostname = dict()
ip4_address = dict() ip4_address = dict()
@ -368,7 +368,7 @@ def formatDHCPLeaseList(zk_conn, vni, dhcp_leases_list, reservations=False):
timestamp = dict() timestamp = dict()
# Gather information for printing # Gather information for printing
for dhcp_lease in dhcp_leases_list: for dhcp_lease in dhcp4_leases_list:
if reservations: if reservations:
hostname[dhcp_lease], ip4_address[dhcp_lease], mac_address[dhcp_lease], timestamp[dhcp_lease] = getDHCPReservationInformation(zk_conn, vni, dhcp_lease) hostname[dhcp_lease], ip4_address[dhcp_lease], mac_address[dhcp_lease], timestamp[dhcp_lease] = getDHCPReservationInformation(zk_conn, vni, dhcp_lease)
else: else:
@ -379,7 +379,7 @@ def formatDHCPLeaseList(zk_conn, vni, dhcp_leases_list, reservations=False):
lease_ip4_address_length = 11 lease_ip4_address_length = 11
lease_mac_address_length = 13 lease_mac_address_length = 13
lease_timestamp_length = 13 lease_timestamp_length = 13
for dhcp_lease in dhcp_leases_list: for dhcp_lease in dhcp4_leases_list:
# hostname column # hostname column
_lease_hostname_length = len(hostname[dhcp_lease]) + 1 _lease_hostname_length = len(hostname[dhcp_lease]) + 1
if _lease_hostname_length > lease_hostname_length: if _lease_hostname_length > lease_hostname_length:
@ -412,7 +412,7 @@ def formatDHCPLeaseList(zk_conn, vni, dhcp_leases_list, reservations=False):
lease_timestamp='Timestamp' lease_timestamp='Timestamp'
) )
for dhcp_lease in dhcp_leases_list: for dhcp_lease in dhcp4_leases_list:
dhcp_lease_list_output.append('{bold}\ dhcp_lease_list_output.append('{bold}\
{lease_hostname: <{lease_hostname_length}} \ {lease_hostname: <{lease_hostname_length}} \
{lease_ip4_address: <{lease_ip4_address_length}} \ {lease_ip4_address: <{lease_ip4_address_length}} \
@ -655,15 +655,15 @@ def add_dhcp_reservation(zk_conn, network, ipaddress, macaddress, hostname):
if not isValidIP(ipaddress): if not isValidIP(ipaddress):
return False, 'ERROR: IP address "{}" is not valid!'.format(macaddress) return False, 'ERROR: IP address "{}" is not valid!'.format(macaddress)
if zkhandler.exists(zk_conn, '/networks/{}/dhcp_reservations/{}'.format(net_vni, macaddress)): if zkhandler.exists(zk_conn, '/networks/{}/dhcp4_reservations/{}'.format(net_vni, macaddress)):
return False, 'ERROR: A reservation with MAC "{}" already exists!'.format(macaddress) return False, 'ERROR: A reservation with MAC "{}" already exists!'.format(macaddress)
# Add the new static lease to ZK # Add the new static lease to ZK
try: try:
zkhandler.writedata(zk_conn, { zkhandler.writedata(zk_conn, {
'/networks/{}/dhcp_reservations/{}'.format(net_vni, macaddress): 'static', '/networks/{}/dhcp4_reservations/{}'.format(net_vni, macaddress): 'static',
'/networks/{}/dhcp_reservations/{}/hostname'.format(net_vni, macaddress): hostname, '/networks/{}/dhcp4_reservations/{}/hostname'.format(net_vni, macaddress): hostname,
'/networks/{}/dhcp_reservations/{}/ipaddr'.format(net_vni, macaddress): ipaddress '/networks/{}/dhcp4_reservations/{}/ipaddr'.format(net_vni, macaddress): ipaddress
}) })
except Exception as e: except Exception as e:
return False, 'ERROR: Failed to write to Zookeeper! Exception: "{}".'.format(e) return False, 'ERROR: Failed to write to Zookeeper! Exception: "{}".'.format(e)
@ -679,10 +679,10 @@ def remove_dhcp_reservation(zk_conn, network, reservation):
match_description = '' match_description = ''
# Check if the reservation matches a description, a mac, or an IP address currently in the database # Check if the reservation matches a description, a mac, or an IP address currently in the database
dhcp_reservations_list = getNetworkDHCPReservations(zk_conn, net_vni) dhcp4_reservations_list = getNetworkDHCPReservations(zk_conn, net_vni)
for macaddr in dhcp_reservations_list: for macaddr in dhcp4_reservations_list:
hostname = zkhandler.readdata(zk_conn, '/networks/{}/dhcp_reservations/{}/hostname'.format(net_vni, macaddr)) hostname = zkhandler.readdata(zk_conn, '/networks/{}/dhcp4_reservations/{}/hostname'.format(net_vni, macaddr))
ipaddress = zkhandler.readdata(zk_conn, '/networks/{}/dhcp_reservations/{}/ipaddr'.format(net_vni, macaddr)) ipaddress = zkhandler.readdata(zk_conn, '/networks/{}/dhcp4_reservations/{}/ipaddr'.format(net_vni, macaddr))
if reservation == macaddr or reservation == hostname or reservation == ipaddress: if reservation == macaddr or reservation == hostname or reservation == ipaddress:
match_description = macaddr match_description = macaddr
@ -691,7 +691,7 @@ def remove_dhcp_reservation(zk_conn, network, reservation):
# Remove the entry from zookeeper # Remove the entry from zookeeper
try: try:
zkhandler.deletekey(zk_conn, '/networks/{}/dhcp_reservations/{}'.format(net_vni, match_description)) zkhandler.deletekey(zk_conn, '/networks/{}/dhcp4_reservations/{}'.format(net_vni, match_description))
except: except:
return False, 'ERROR: Failed to write to Zookeeper!' return False, 'ERROR: Failed to write to Zookeeper!'

36
node-daemon/pvcd/Daemon.py
View File

@ -71,11 +71,13 @@ import pvcd.CephInstance as CephInstance
# Create timer to update this node in Zookeeper # Create timer to update this node in Zookeeper
def startKeepaliveTimer(): def startKeepaliveTimer():
global update_timer # Create our timer object
update_timer = apscheduler.schedulers.background.BackgroundScheduler()
interval = int(config['keepalive_interval']) interval = int(config['keepalive_interval'])
logger.out('Starting keepalive timer ({} second interval)'.format(interval), state='s') logger.out('Starting keepalive timer ({} second interval)'.format(interval), state='s')
update_timer.add_job(update_zookeeper, 'interval', seconds=interval) update_timer.add_job(update_zookeeper, 'interval', seconds=interval)
update_timer.start() update_timer.start()
return update_timer
def stopKeepaliveTimer(): def stopKeepaliveTimer():
global update_timer global update_timer
@ -111,9 +113,6 @@ staticdata.append(subprocess.run(['uname', '-r'], stdout=subprocess.PIPE).stdout
staticdata.append(subprocess.run(['uname', '-o'], stdout=subprocess.PIPE).stdout.decode('ascii').strip()) staticdata.append(subprocess.run(['uname', '-o'], stdout=subprocess.PIPE).stdout.decode('ascii').strip())
staticdata.append(subprocess.run(['uname', '-m'], stdout=subprocess.PIPE).stdout.decode('ascii').strip()) staticdata.append(subprocess.run(['uname', '-m'], stdout=subprocess.PIPE).stdout.decode('ascii').strip())
# Create our timer object
update_timer = apscheduler.schedulers.background.BackgroundScheduler()
# Config values dictionary # Config values dictionary
config_values = [ config_values = [
'coordinators', 'coordinators',
@ -288,13 +287,19 @@ except Exception as e:
# Handle zookeeper failures # Handle zookeeper failures
def zk_listener(state): def zk_listener(state):
global zk_conn, update_timer global zk_conn, update_timer
if state == kazoo.client.KazooState.SUSPENDED: if state == kazoo.client.KazooState.CONNECTED:
logger.out('Connection to Zookeeper lost; retrying', state='w') logger.out('Connection to Zookeeper restarted', state='o')
# Start keepalive thread
if update_timer:
update_timer = startKeepaliveTimer()
else:
# Stop keepalive thread # Stop keepalive thread
if update_timer: if update_timer:
stopKeepaliveTimer() stopKeepaliveTimer()
logger.out('Connection to Zookeeper lost; retrying', state='w')
while True: while True:
_zk_conn = kazoo.client.KazooClient(hosts=config['coordinators']) _zk_conn = kazoo.client.KazooClient(hosts=config['coordinators'])
try: try:
@ -303,14 +308,6 @@ def zk_listener(state):
break break
except: except:
time.sleep(1) time.sleep(1)
elif state == kazoo.client.KazooState.CONNECTED:
logger.out('Connection to Zookeeper restarted', state='o')
# Start keepalive thread
if update_timer:
update_timer = startKeepaliveTimer()
else:
pass
zk_conn.add_listener(zk_listener) zk_conn.add_listener(zk_listener)
############################################################################### ###############################################################################
@ -422,14 +419,14 @@ else:
vni_dev = config['vni_dev'] vni_dev = config['vni_dev']
vni_dev_ip = config['vni_dev_ip'] vni_dev_ip = config['vni_dev_ip']
logger.out('Setting up VNI network on interface {} with IP {}'.format(vni_dev, vni_dev_ip), state='i') logger.out('Setting up VNI network on interface {} with IP {}'.format(vni_dev, vni_dev_ip), state='i')
common.run_os_command('ip link set {} up'.format(vni_dev)) common.run_os_command('ip link set {} mtu 9000 up'.format(vni_dev))
common.run_os_command('ip address add {} dev {}'.format(vni_dev_ip, vni_dev)) common.run_os_command('ip address add {} dev {}'.format(vni_dev_ip, vni_dev))
# Storage configuration # Storage configuration
storage_dev = config['storage_dev'] storage_dev = config['storage_dev']
storage_dev_ip = config['storage_dev_ip'] storage_dev_ip = config['storage_dev_ip']
logger.out('Setting up Storage network on interface {} with IP {}'.format(storage_dev, storage_dev_ip), state='i') logger.out('Setting up Storage network on interface {} with IP {}'.format(storage_dev, storage_dev_ip), state='i')
common.run_os_command('ip link set {} up'.format(storage_dev)) common.run_os_command('ip link set {} mtu 9000 up'.format(storage_dev))
common.run_os_command('ip address add {} dev {}'.format(storage_dev_ip, storage_dev)) common.run_os_command('ip address add {} dev {}'.format(storage_dev_ip, storage_dev))
# Upstream configuration # Upstream configuration
@ -899,6 +896,11 @@ def update_zookeeper():
else: else:
ceph_health_colour = logger.fmt_red ceph_health_colour = logger.fmt_red
# DNS aggregator retransfer
if this_node.router_state == 'primary':
for network in d_network:
dns_aggregator.get_axfr(network)
# Set ceph health information in zookeeper (primary only) # Set ceph health information in zookeeper (primary only)
if this_node.router_state == 'primary': if this_node.router_state == 'primary':
# Get status info # Get status info
@ -1145,7 +1147,7 @@ def update_zookeeper():
# Start keepalive thread and immediately update Zookeeper # Start keepalive thread and immediately update Zookeeper
startKeepaliveTimer() update_timer = startKeepaliveTimer()
update_zookeeper() update_zookeeper()
# Tick loop; does nothing since everything else is async # Tick loop; does nothing since everything else is async

40
node-daemon/pvcd/VXNetworkInstance.py
View File

@ -77,11 +77,13 @@ add rule inet filter {vxlannic}-in counter
add rule inet filter {vxlannic}-out counter add rule inet filter {vxlannic}-out counter
# Allow ICMP traffic into the router from network # Allow ICMP traffic into the router from network
add rule inet filter input ip protocol icmp meta iifname {bridgenic} counter accept add rule inet filter input ip protocol icmp meta iifname {bridgenic} counter accept
add rule inet filter input ip6 nexthdr icmpv6 meta iifname {bridgenic} counter accept
# Allow DNS, DHCP, and NTP traffic into the router from network # Allow DNS, DHCP, and NTP traffic into the router from network
add rule inet filter input tcp dport 53 meta iifname {bridgenic} counter accept add rule inet filter input tcp dport 53 meta iifname {bridgenic} counter accept
add rule inet filter input udp dport 53 meta iifname {bridgenic} counter accept add rule inet filter input udp dport 53 meta iifname {bridgenic} counter accept
add rule inet filter input udp dport 67 meta iifname {bridgenic} counter accept add rule inet filter input udp dport 67 meta iifname {bridgenic} counter accept
add rule inet filter input udp dport 123 meta iifname {bridgenic} counter accept add rule inet filter input udp dport 123 meta iifname {bridgenic} counter accept
add rule inet filter input ip6 nexthdr udp udp dport 547 meta iifname {bridgenic} counter accept
# Block traffic into the router from network # Block traffic into the router from network
add rule inet filter input meta iifname {bridgenic} counter drop add rule inet filter input meta iifname {bridgenic} counter drop
""".format( """.format(
@ -151,11 +153,15 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
if data and self.ip6_gateway != data.decode('ascii'): if data and self.ip6_gateway != data.decode('ascii'):
orig_gateway = self.ip6_gateway orig_gateway = self.ip6_gateway
self.ip6_gateway = data.decode('ascii')
if self.this_node.router_state == 'primary': if self.this_node.router_state == 'primary':
if orig_gateway: if orig_gateway:
self.removeGateway6Address() self.removeGateway6Address()
self.ip6_gateway = data.decode('ascii')
if self.this_node.router_state == 'primary':
self.createGateway6Address() self.createGateway6Address()
if self.dhcp_server_daemon:
self.stopDHCPServer()
self.startDHCPServer()
@self.zk_conn.DataWatch('/networks/{}/dhcp6_flag'.format(self.vni)) @self.zk_conn.DataWatch('/networks/{}/dhcp6_flag'.format(self.vni))
def watch_network_dhcp_status(data, stat, event=''): def watch_network_dhcp_status(data, stat, event=''):
@ -192,11 +198,15 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
if data and self.ip4_gateway != data.decode('ascii'): if data and self.ip4_gateway != data.decode('ascii'):
orig_gateway = self.ip4_gateway orig_gateway = self.ip4_gateway
self.ip4_gateway = data.decode('ascii')
if self.this_node.router_state == 'primary': if self.this_node.router_state == 'primary':
if orig_gateway: if orig_gateway:
self.removeGateway4Address() self.removeGateway4Address()
self.ip4_gateway = data.decode('ascii')
if self.this_node.router_state == 'primary':
self.createGateway4Address() self.createGateway4Address()
if self.dhcp_server_daemon:
self.stopDHCPServer()
self.startDHCPServer()
@self.zk_conn.DataWatch('/networks/{}/dhcp4_flag'.format(self.vni)) @self.zk_conn.DataWatch('/networks/{}/dhcp4_flag'.format(self.vni))
def watch_network_dhcp_status(data, stat, event=''): def watch_network_dhcp_status(data, stat, event=''):
@ -380,12 +390,12 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
) )
) )
common.run_os_command( common.run_os_command(
'ip link set {} up'.format( 'ip link set {} mtu 8800 up'.format(
self.vxlan_nic self.vxlan_nic
) )
) )
common.run_os_command( common.run_os_command(
'ip link set {} up'.format( 'ip link set {} mtu 8800 up'.format(
self.bridge_nic self.bridge_nic
) )
) )
@ -435,13 +445,15 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
prefix='VNI {}'.format(self.vni), prefix='VNI {}'.format(self.vni),
state='o' state='o'
) )
# Recreate the environment we need for dnsmasq # Recreate the environment we need for dnsmasq
pvcd_config_file = os.environ['PVCD_CONFIG_FILE'] pvcd_config_file = os.environ['PVCD_CONFIG_FILE']
dhcp_environment = { dhcp_environment = {
'DNSMASQ_BRIDGE_INTERFACE': self.bridge_nic, 'DNSMASQ_BRIDGE_INTERFACE': self.bridge_nic,
'PVCD_CONFIG_FILE': pvcd_config_file 'PVCD_CONFIG_FILE': pvcd_config_file
} }
# Define the dnsmasq config
# Define the dnsmasq config fragments
dhcp_configuration_base = [ dhcp_configuration_base = [
'--domain-needed', '--domain-needed',
'--bogus-priv', '--bogus-priv',
@ -454,9 +466,10 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
'--local=/{}/'.format(self.domain), '--local=/{}/'.format(self.domain),
'--auth-zone={}'.format(self.domain), '--auth-zone={}'.format(self.domain),
'--log-facility=-', '--log-facility=-',
'--log-dhcp',
'--keep-in-foreground', '--keep-in-foreground',
'--leasefile-ro', '--leasefile-ro',
'--auth-soa=1,pvc@localhost,10,10', # '--auth-soa=1,pvc@localhost,10,10',
'--dhcp-script={}/pvcd/dnsmasq-zookeeper-leases.py'.format(os.getcwd()), '--dhcp-script={}/pvcd/dnsmasq-zookeeper-leases.py'.format(os.getcwd()),
'--dhcp-hostsdir={}'.format(self.dnsmasq_hostsdir), '--dhcp-hostsdir={}'.format(self.dnsmasq_hostsdir),
'--bind-interfaces', '--bind-interfaces',
@ -474,15 +487,28 @@ add rule inet filter forward ip6 saddr {netaddr6} counter jump {vxlannic}-out
'--listen-address={}'.format(self.ip6_gateway), '--listen-address={}'.format(self.ip6_gateway),
'--auth-peer={}'.format(self.ip6_gateway), '--auth-peer={}'.format(self.ip6_gateway),
'--auth-sec-servers={}'.format(self.ip6_gateway), '--auth-sec-servers={}'.format(self.ip6_gateway),
'--dhcp-option=option6:ntp-server,{}'.format(self.ip6_gateway), '--dhcp-option=option6:dns-server,{}'.format(self.ip6_gateway),
'--dhcp-option=option6:sntp-server,{}'.format(self.ip6_gateway),
]
dhcp_configuration_v6_dualstack = [
'--dhcp-range=net:{nic},::,constructor:{nic},ra-stateless,ra-names'.format(nic=self.bridge_nic), '--dhcp-range=net:{nic},::,constructor:{nic},ra-stateless,ra-names'.format(nic=self.bridge_nic),
'--enable-ra', '--enable-ra',
] ]
dhcp_configuration_v6_only = [
'--dhcp-range=net:{nic},::2,::ffff:ffff:ffff:ffff,constructor:{nic},64,24h'.format(nic=self.bridge_nic),
]
# Assemble the DHCP configuration
dhcp_configuration = dhcp_configuration_base dhcp_configuration = dhcp_configuration_base
if self.dhcp4_flag: if self.dhcp4_flag:
dhcp_configuration += dhcp_configuration_v4 dhcp_configuration += dhcp_configuration_v4
if self.dhcp6_flag: if self.dhcp6_flag:
dhcp_configuration += dhcp_configuration_v6 dhcp_configuration += dhcp_configuration_v6
if self.dhcp4_flag:
dhcp_configuration += dhcp_configuration_v6_dualstack
else:
dhcp_configuration += dhcp_configuration_v6_only
# Start the dnsmasq process in a thread # Start the dnsmasq process in a thread
print('/usr/sbin/dnsmasq {}'.format(' '.join(dhcp_configuration))) print('/usr/sbin/dnsmasq {}'.format(' '.join(dhcp_configuration)))
self.dhcp_server_daemon = common.run_os_daemon( self.dhcp_server_daemon = common.run_os_daemon(